Soc L2

Job Title: SOC Analyst – L2

Location: On-site – Ahmedabad

Shift: 24x7 Rotational Shifts

Experience Level: 2–3 Years

About the Role

We are seeking a skilled and analytical SOC Analyst L2 to join our growing 24x7 Security Operations Center. As an L2 Analyst, you will be responsible for conducting in-depth investigations on alerts escalated from L1, improving detection capabilities, and supporting incident response efforts. This role is critical in enhancing threat detection, optimizing security operations, and ensuring a proactive defense posture for our clients.

Key Responsibilities

• Investigate and analyze security alerts escalated by L1 analysts
• Perform deep-dive investigations using SIEM logs, network traffic, endpoint data, and threat intelligence
• Escalate confirmed security incidents to L3/IR teams with detailed analysis and context
• Identify security gaps and provide recommendations for control enhancements
• Contribute to use case creation and tuning of SIEM rules for improved alert quality
• Assist in developing and maintaining playbooks, SOPs, and incident response processes
• Collaborate with internal and client teams to understand business context and improve detection logic
• Ensure timely documentation and closure of incidents in the case management system

Required Skills & Knowledge

• Solid understanding of cyber threats, TTPs, and incident lifecycle
• Hands-on experience with SIEM platforms (Wazuh preferred)
• Strong log analysis and threat investigation skills
• Familiarity with MITRE ATT&CK framework and threat intelligence integration
• Knowledge of use case development, fine-tuning, and event correlation
• Experience with creating playbooks and process documentation
• Ability to interpret network, endpoint, and application-level events