L2 SOC Analyst (SO2)

IT And Software Development National Capital Region


Description

The Level 2 SOC Analyst performs individual tasks consistently and at an exemplary standard and is able to mentor Level 1 SOC Analysts in SOC processes and procedures.
 
Responsibilities 
 
  • Deliver security-based operational support for clients, in line with documented processes and timeframes
  • Classify and prioritize incidents based on established criteria
  • Review the collected data and additional requested log sources, then provide tactical recommendations
  • Escalate any potential high-visibility incident
  • Handle communication with a mix of technical and non-technical client audiences
  • Research threat- or security-related news that could potentially impact a client
  • Proactively hunt for threats in large volumes of data
  • Generate scan schedules for vulnerability management and contribute to risk-adjusted assessments
  • Create custom reports based on the data gathered on a weekly/monthly basis
  • Update use cases and playbooks
  • Document processes and process improvements
  • Provide analytical and technical support to solve a wide range of complex security issues
  • Raise support tickets and take ownership of issues through to completion
  • Participate in open communication between team members
  • Additional tasks will be assigned as the individual grows their skills
 
Key Competencies & Experience:
  • Degree in computer science or equivalent certifications/qualifications.
  • Minimum 2 years of cyber security operations experience.
  • Understanding of the different types of incidents, scenarios and situations, including an understanding of evolving threat tactics, techniques and procedures.
  • Good understanding of and experience in either Incident Response, Vulnerability Management, Security Operations or Cyber Threat Intelligence.
  • Good understanding of the cyber security landscape and security concepts.
  • Good understanding of common protocols.
  • Good understanding of security event triage and incident handling processes.
  • Good understanding of packet analysis.
  • Foundational understanding of malware analysis.
  • Foundational understanding of vulnerability management, including scanning and reporting.
  • Foundational understanding of security architecture.
  • Good understanding of the use of Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR) tools is highly desirable.
 
Skills and Attitudes:
  • Willing to work in a 24x7 environment.
  • Commitment to continual improvement, education and personal development, and a willingness to learn.
  • Strong troubleshooting skills and the ability to manage issues through to resolution.
  • Maintains strong attention to detail in high-pressure situations.
  • Ability to communicate clearly in written and spoken English.
  • Strong ambition and the ability to develop and expand cyber security services and product support.