SOC Analyst L2
Client of emploipartner
Active employer
Posted 16 hours ago
Nationality: Any nationality
Gender: Not specified
Number of vacancies: 1
Job description
Roles and responsibilities
Advanced monitoring and detection
- Monitor and utilize alerts from security tools (SIEM, EDR, NDR, Firewall, sandbox, etc.).
- Ensure the quality and relevance of the reported events (logs, correlation, use cases).
- Identify detection gaps and propose improvements.
Analysis & investigation
- Conduct thorough investigations into security incidents.
- Analyze suspicious behavior and identify attack techniques (TTP).
- Correlate multi-source events to reconstruct attack chains.
- Perform detailed analyses (full timeline, pivoting, IOC/IOA).
- Validate or invalidate alerts raised by L1 analysts.
Incident Response
- Manage level 2 security incidents.
- Define and recommend appropriate remediation actions.
- Support technical teams in resolving incidents.
- Escalate critical incidents to L3 or SOC manager.
Threat Intelligence & Threat Hunting
- Leverage Threat Intelligence sources to enrich analyses.
- Participate in Threat Hunting activities (proactive threat search).
- Identify new indicators of compromise (IOCs) and attack scenarios.
- Monitor the evolution of threats and adapt detection capabilities.
Continuous improvement
- Actively participate in the tuning of SIEM rules (reduction of false positives, improvement of detection).
- Develop and optimize detection use cases.
- Contribute to the writing and improvement of SOC playbooks.
- Propose areas for improvement in SOC processes and tools.
Coordination & support
- Provide technical support to L1 analysts.
- Participate in handovers and incident coordination.
- Collaborate with IT teams (network, systems, cloud, dev).
- Contribute to the upskilling of teams (knowledge sharing).
Reporting
- Document investigations and incidents in detail.
- Produce clear and actionable incident reports.
- Ensure full traceability of actions performed.
Required candidate profile
- Bac+5 (Master 2) in cybersecurity or an equivalent field.
- 1 to 4 years of experience in cybersecurity, including experience in a SOC.
- Solid understanding of information systems and network architectures.
- Excellent log analysis capabilities (Windows, Linux, security solutions).
- Good command of the MITRE ATT&CK framework.
- Advanced experience with SIEM, EDR/XDR, and NDR tools.
- Good knowledge of attack techniques (lateral movement, persistence, privilege escalation).
- Proficiency in network protocols: TCP/IP, DNS, HTTP, SMTP.
- Experience in security investigation and incident response.
- Knowledge of Threat Hunting and behavioral analysis.
- Certifications: GCIA, GCIH, CEH, Security+, or equivalent.
- Scripting skills (Python, PowerShell, Bash).
- Knowledge of Cloud and Datacenter environments.
- Experience with SOAR tools.
- Technical English (written and read).
- Analytical mind and the ability to conduct thorough investigations.
- Autonomy and initiative.
- Ability to manage complex incidents.
- Team spirit and a willingness to share knowledge with colleagues.
- Rigour and a sense of responsibility.
- Organisation.
- Rotating (shift) position, which may include on-call duty, nights, weekends and public holidays depending on the SOC organization.
Company industry
- IT - Hardware & Networking
Functional area / Department
- IT Software
Keywords
- SOC Analyst L2