Senior Security Analyst

Job Description●As a Level 2 Cyber Defense Operations Center (CDOC) Senior Analyst , you will work in advanced security operations with a focus on SIEM and SOAR technologies, driving detection and response. You’ll be responsible for helping L3 in optimizing detection rules and managing high-severity incidents from triage to resolution. ● Your primary responsibility will be helping Level 1 analyst in analysis of incidents and assisting Level 3 on day-to-day operation. ● This role r equires medium level technical expertise, team player quality, and a proactive approach to evolving threats. Qualifications & Experience ●Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., SANS/GIAC, ECIH, GCIH, CEH, DFIR) may be preferred. ●4-7 years of total experience in SOC in a large multi-national organization or in a known MSSP. In addition, candidate should possess at least 2 years of working experience on SOAR solutions. Responsibilities ●Run daily SOC operations including SIEM/SOAR tuning, alert triage, and coordinated incident response to ensure effective real-time threat monitoring. ●Handlle end-to-end security incident analysis, containment, mitigation, and reporting, leveraging SIEM/SOAR insights and cross-team coordination for swift resolution. ●Work on high priority incidents or escalated incidents from L1 ●Assist L3 in any adhoc investigation, fine-tuning security solution. ●Continuously enhance SIEM/SOAR/XDR alert use cases and threat detection capabilities. ●Research emerging threats, vulnerabilities, and attack techniques to improve defenses. ●Document incident response activities and produce detailed reports for stakeholders. ●Conduct post-incident reviews to drive improvements in tools, processes, and readiness. ●Maintain detailed incident records, contribute to reporting, and support audit readiness. ●Guide and train junior analysts, promoting best practices and continuous improvement within the SOC. ●Stay up to date on emerging threats and technologies to continuously evolve SOC capabilities. ●Support comprehensive asset inventory and ownership mapping to ensure full monitoring coverage. Technical & Soft Skills: ●Deep hands-on experience with technologies like SIEM, SOAR, XDR such as Google Chronicle, Crowdstrike Logscale, Splunk. ●Strong working knowledge of endpoint security tools and concepts, including EDR (CrowdStrike, Defender, Cortex), DLP, and MDM. ●Strong knowledge of MITRE ATT&CK, NIST CSF frameworks, and cyber kill chain concepts. ●Good understanding of network security, operating systems, and hybrid cloud environments (Cloud, On-Prem, VDI). ●In-depth knowledge of threat landscapes and technical security concepts. ●Strong grasp of network protocols, OS internals, and security technologies. ●Familiar with compliance standards such as NIST CSF and ISO 27001. ●Ability to work under pressure, especially during critical security incidents. ●Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations. ●Skilled in developing professional documentation and detailed reporting (including PowerPoint presentations), including policies, standards, processes and procedures ●Very high attention to detail, with strong skills in managing/presenting data and information. ●Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills. ●Good communication and interpersonal skills to effectively collaborate with stakeholders, and internal teams. Array