Security Operations Analyst responsible for developing security processes and incident response. Collaborating with multiple teams for security best practices in a hybrid work environment.
About the role
- Senior SOC Analyst leading advanced security monitoring and response across various platforms. Collaborating with teams to strengthen security posture and mentor junior analysts.
Responsibilities
- Perform advanced L2/L3 alert triage and investigations across endpoint, network, cloud, and edge security platforms
- Lead investigations using SIEM tools to validate incidents, reduce noise, and determine impact
- Analyze and respond to edge security events including WAF, DDoS, bot activity, and Zero Trust alerts
- Act as an escalation point for confirmed incidents and support containment and response actions
- Conduct root cause analysis and threat investigations, identifying attacker behavior and scope of impact
- Design, tune, and maintain detection rules and logic across SIEM platforms
- Improve detection coverage by aligning rules with the MITRE ATT&CK framework
- Mentor and guide junior SOC analysts and contribute to skill development across the team
- Help build and maintain investigation playbooks and incident response runbooks
- Collaborate with SOC leadership, Cloud Security, and DevOps teams to improve security controls and visibility
Requirements
- 5+ years of experience as a SOC Analyst (L2/L3)
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience
- Hands-on experience with SIEM platforms (Splunk, Graylog, or similar)
- Experience performing alert triage, incident investigation, and escalation
- Strong knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS, BGP)
- Experience analyzing AWS security logs (CloudTrail, CloudWatch, VPC Flow Logs)
- Experience with container and Kubernetes runtime security (Kubernetes, Amazon EKS)
- Hands-on experience with Cloudflare security tools (WAF, DDoS, Bot Management, Zero Trust)
- Strong understanding of IDS/IPS, firewalls, proxies, and DLP technologies
- Experience conducting root cause analysis and post-incident reviews
- Familiarity with MITRE ATT&CK framework and NIST incident response standards
- Experience developing and tuning SIEM detection rules
- Knowledge of scripting or automation (Python, PowerShell, or Bash)
- Foundational understanding of AI/ML security concepts and LLM-related risks
- Strong analytical, investigation, and incident handling skills
- Ability to communicate technical findings to non-technical stakeholders
- Relevant certifications preferred (GCIA, GCIH, CompTIA CySA+, AWS Security Specialty)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Manager leading IAM and SecOps at fintech solutions provider in Brazil. Developing and implementing information security programs aligned with best practices and compliance requirements.
Security Engineer enhancing cybersecurity tools and solutions for The Walt Disney Company. Performing system analyses and developing security configurations for improved protection against cyber threats.
Security Operations Lead responsible for security operations aligning with policies and compliance. Handling incident response, vulnerability management, and supporting IT teams with security expertise.
SOC L2 Analyst responsible for security monitoring and incident investigation. Analyzing escalated alerts, conducting correlation with SIEM, and executing response actions.
Cyber Security Specialist protecting digital estate from threats at the University of Edinburgh. Focused on identifying and mitigating cyber risks while supporting teaching and research services.
Lead Specialist in Security Operations, enhancing detection engineering and incident response at Pearson. Collaborate with teams and drive process improvements in a high - paced environment.
Cybersecurity Incident Response Analyst detecting and responding to cyber threats at NOV. Collaborating using AI tools to enhance cybersecurity operations across IT, cloud, and OT environments.
Security Engineer II at AvidXchange enhancing security operations and incident response. Collaborating with teams to develop, tune and improve security monitoring and automation capabilities.
Director leading security operations strategy and overseeing investigations at Ford Motor Company. Responsible for global investigations, crisis management, and team leadership.