SOC Analyst (Level 2)(m/w/x)

Beschreibung

As a senior technical lead, you will drive complex investigations and incident response while mentoring junior analysts and refining detection logic to secure cloud-first digital assets.

Anforderungen

• •2–5+ years of SOC or incident response experience
• •Strong investigation skills in cloud and network security
• •Proficiency with SIEM and common SOC tooling
• •Ability to write clear incident documentation
• •Comfort in on-call or shift environments
• •Detection engineering and SOAR automation experience
• •Knowledge of DFIR fundamentals and artifact analysis
• •Container and Kubernetes runtime security exposure
• •Practical Python or Bash scripting skills
• •Familiarity with digital-asset ecosystems and trading operations
• •Relevant security certifications or equivalent

Aufgaben

• •Investigate complex escalations and multi-signal alerts
• •Analyze logs across SIEM, EDR, and cloud platforms
• •Build incident timelines and scope assessments
• •Lead technical triage and containment for high-severity incidents
• •Execute and refine response playbooks for key scenarios
• •Coordinate evidence collection for legal and compliance needs
• •Enrich investigations with threat intelligence and ATT&CK mapping
• •Maintain watchlists and detection logic for priority threats
• •Tune correlation rules and policies to reduce false positives
• •Implement new detections for emerging cloud and identity attacks
• •Automate enrichment steps using SOAR workflows and scripts
• •Mentor Level 1 analysts through coaching and feedback
• •Manage shift handovers and document active cases
• •Drive continuous improvement of SOC performance metrics
• •Recommend IAM hardening to prevent incident recurrence

Tools & Technologien