SOC Analyst (L1/L2) – Cybersecurity Operations

About the role

The SOC Analyst (L1/L2) joins a 24x7 security operations center to monitor, detect, analyze, and respond to cyber threats across enterprise environments. You will work with a range of security tools, follow established runbooks, and ensure incidents are handled efficiently according to SLAs.

Key responsibilities

• Monitor and analyze alerts from SIEM, SOAR, EDR and other tools to identify potential threats.
• Perform timely triage, validation and investigation of alerts following priority matrices.
• Execute containment, response and remediation actions using defined runbooks.
• Manage incidents through the full lifecycle, documenting status updates and closures.
• Maintain communication channels, coordinate escalations and ensure stakeholder notifications.
• Ensure SLA compliance, perform shift handovers and report operational issues.
• Support continuous improvement by identifying gaps in detection, logging and automation.

Required profile

• Bachelor’s degree in Computer Science, Information Security, IT or related field.
• 1–3 years experience in security operations, IT security or a similar role.
• Strong analytical and problem‑solving abilities with attention to detail.
• Good written and verbal communication skills for documentation and handovers.
• Relevant certifications (e.g., Security+, CISSP, or similar) are a plus.

Required skills

• Understanding of cybersecurity fundamentals and threat frameworks such as MITRE ATT&CK.
• Working knowledge of Windows and Linux/Unix operating systems.
• Networking concepts including TCP/IP, OSI model, DNS and HTTP/S.
• Experience with SIEM, SOAR and EDR platforms.
• Familiarity with firewalls, security monitoring tools and log analysis.
• Ability to analyze network traffic and endpoint telemetry.
• Exposure to cloud security concepts (Azure, AWS, GCP) is advantageous.