Senior Security Engineer

The primary objective of the Level 2 SOC Analyst is to monitor and defend the organization against cyber threats by identifying, analyzing, and responding to security incidents. The analyst escalates incidents from Level 1 analysts and employs more advanced strategies to mitigate and prevent security breaches. Key Responsibilities:  Incident Handling and Response: Investigate and analyze complex security incidents escalated from Level 1 analysts. Develop and implement strategies for containment, eradication, and recovery from security incidents. Coordinate with other teams for incident resolution. Threat Intelligence: Utilize threat intelligence to identify and mitigate potential threats before they impact the organization. Share actionable intelligence with relevant stakeholders. Security Monitoring: Perform advanced monitoring of security events from various sources including SIEM (Security Information and Event Management) systems, endpoint detection and response platforms, and network security devices. Forensic Analysis: Conduct detailed forensic analysis of digital information and gather evidence related to security incidents. Utilize forensic tools and techniques to uncover the root cause of cyber attacks. Vulnerability Management: Participate in vulnerability assessments and penetration testing activities. Analyze results and recommend remediation actions to improve the organization's security posture. Security Tools and Technologies: Administer and fine-tune security tools and technologies to enhance the detection and response capabilities of the SOC. Documentation and Reporting: Prepare detailed incident reports and documentation. Develop and maintain SOPs (Standard Operating Procedures) for incident response and other SOC processes. Security Awareness and Training: Contribute to security awareness programs and provide training to Level 1 analysts and other stakeholders within the organization. Continuous Improvement: Continuously improve the security posture of the organization by staying updated on the latest cybersecurity trends, tools, and best practices. Recommend improvements to SOC processes and technologies.