
SOC Analyst L2/RE is an operational role focused on ticket quality and deeper investigation of security incidents; the analyst is responsible for handling incidents escalated from the Level 1 team within SLA.
Responsibilities:
- Work closely with the SOC L1 team, L3 team and the customer; perform deeper analysis, join daily client calls, and take responsibility for handling True Positive incidents on time.
- Handle escalated incidents and coordinate with the client when required.
- Work closely with Client Duty Officers on any ad-hoc operational requests.
- Collaborate with the Exabeam, Splunk, and Log Source teams to resolve issues as needed.
- Take appropriate action on IOCs received from the client when required.
- Fine-tune existing detection rules and create new ones based on client requests:
  - Create and manage the incident handling playbook, process runbooks and ad-hoc documents whenever needed.
  - Recommend fine-tuning to the client, including the detection logic and threshold and, where possible, the SIEM query as well.
  - Recommend new use cases, including the detection logic and threshold and, where possible, the SIEM query as well.
- Provide data from Splunk/Exabeam during client audit activities.
- Share monthly data with the client for internal IMM meetings.
- Share top user-reported malicious emails from Abnormal Security for reward and recognition programs.
- Prepare RCA reports when required.
- Share knowledge with other analysts about their roles and responsibilities.
- Provide knowledge transfer to L1, such as advanced hunting techniques, guides and cheat sheets.
Job Requirements
SOC, SIEM Platforms, Splunk, Exabeam, SOAR platform, Google SecOps, Log Source, Security Operations
Job ID: 141151169