We are seeking a skilled Cyber Security Analyst Level 2 to enhance our security monitoring, incident response, brand protection, and threat intelligence capabilities under 24x7 SOC operations. The Level 2 Security Analyst will play a critical role in identifying and mitigating potential threats through advanced monitoring, data analysis, and collaboration with various stakeholders. This role involves leading complex investigations, mentoring junior analysts, and developing advanced threat detection techniques.
Key Responsibilities:
Advanced Security Alert Monitoring:
Lead the monitoring, triaging, and remediation of security alerts within SLA, providing guidance to L1 analysts.
Incident Management:
Manage and respond to complex security incidents, coordinating with relevant teams for effective resolution.
Threat Detection and Hunting:
Develop and implement advanced analytical methods to detect sophisticated threat actors using emerging tactics and techniques. Conduct proactive threat hunting to identify and mitigate potential threats.
Data Analysis:
Analyze and correlate large data sets to uncover novel threats and attack techniques, providing insights and recommendations.
Collaboration:
Work closely with the cyber defense center team and other stakeholders to develop and refine hunt strategies and analytics.
Incident Response:
Recognize and respond to attacker activity, implementing remediation plans and improving incident response processes.
Communication:
Investigate and communicate root cause findings to stakeholders, including technical staff and leadership. Provide detailed incident reports and recommendations.
Documentation:
Author and maintain Standard Operating Procedures (SOPs) and generate comprehensive end-of-shift reports for knowledge transfer.
Reporting:
Prepare and review daily, weekly, and monthly reports, ensuring accuracy and completeness.
Health Checks:
Oversee daily health checks of security components and solutions, ensuring optimal performance.
Mentorship:
Mentor and train junior analysts, fostering a culture of continuous learning and improvement.
Shift Work:
Be comfortable with 24x7 SOC services, including night shifts, and provide leadership during critical incidents.
Qualifications:
1.) Education:
Bachelor's degree in information technology, Computer Science/Engineering, or equivalent.
Desirable certifications: Security+, CEH, GCIH, GCIA, GSEC, CISSP, CISM.
2.) Experience:
Minimum 3+ years in SOC monitoring and incident management.
Extensive experience in Security Operations, Incident Response, Detection Engineering, Offensive
Security/Red Team, or Cyber Threat Intelligence.
Proficiency with SIEM processes and products (e.g., Microsoft Sentinel SIEM, EDR, CSPM).
Experience analyzing systems, network, and application logs for advanced attack techniques.
Experience consuming and analyzing Cyber Threat Intelligence for actionable insights.
Skills:
1.) Technical Skills:
Advanced deep packet and log analytics.
Proficiency in forensic and malware analysis.
Expertise in cyber threat and intelligence gathering and analysis.
2.) Analytical Skills:
Ability to analyze large and complex data sets to identify sophisticated threats.
3.) Communication Skills:
Effectively communicate complex findings to technical staff and leadership.
4.) Collaboration Skills:
Work effectively across a complex, geographically dispersed organization, leading cross-functional teams.