Security Operations Center Analyst - Tier 2

About the role

The Security Operations Center (SOC) Analyst – Tier 2 is responsible for deep investigation of security incidents, proactive threat hunting, and supporting advanced forensic investigations. This role bridges initial detection performed by Tier 1 analysts and specialized response actions, helping to improve the overall security posture of our customers.

Key responsibilities

• Conduct thorough investigations of incidents escalated from Tier 1, including log and network traffic analysis.
• Perform containment, eradication, and recovery actions, and document detailed incident reports.
• Develop and execute proactive threat‑hunting campaigns, creating detection rules and playbooks.
• Support Tier 3 analysts with digital forensic investigations on compromised systems.
• Collaborate with customer IT and security teams to enhance security controls, policies, and procedures.
• Mentor Tier 1 analysts, share new detection techniques, and contribute to continuous SOC training.

Required profile

• Proven experience in a SOC environment, preferably at Tier 2 level.
• Strong analytical and investigative skills with the ability to perform root‑cause analysis.
• Excellent communication skills to coordinate with internal teams and customers.
• Willingness to stay updated on emerging threats and security technologies.

Required skills

• Log analysis
• Network traffic analysis
• Digital forensic investigation
• Threat hunting
• Incident response
• Detection rule creation
• Playbook development