Job Advertisement - L2 SOC Analyst (Level 2)
Location: Qatar
Duration: 3 Years
Salary: Based on merit
Role Summary:
The L2 SOC Analyst serves as the second line of defense, conducting in-depth investigation, analysis, and response to escalated security incidents. This role ensures proper containment, remediation, and detailed reporting of threats.
Key Responsibilities:
Investigate escalated incidents from L1 Analysts.
Perform root cause analysis and recommend corrective actions.
Conduct malware analysis, threat hunting, and log correlation.
Fine-tune SIEM rules and detection use cases to minimize false positives.
Coordinate with IT/security teams for incident containment and remediation.
Mentor and support L1 Analysts with technical expertise.
Prepare detailed incident reports and contribute to incident response planning.
Requirements:
2-4 years of SOC or cybersecurity operations experience.
Strong knowledge of cybersecurity concepts, attack techniques, and mitigation strategies.
Hands-on experience with SIEM, IDS/IPS, firewalls, and EDR tools.
Skilled in log analysis (network, system, application) and threat intelligence usage.
Familiarity with MITRE ATT&CK, NIST, and ISO 27001 frameworks.
Proficiency in scripting (Python/PowerShell) for automation and hunting.
Excellent analytical, communication, and report writing skills.
Advanced Skills Preferred:
Threat hunting and digital forensics (memory, disk, or packet analysis).
Malware reverse engineering and detection engineering.
Experience with SOAR platforms, Wireshark, and YARA/Sigma rules.
Applying threat feeds (VirusTotal, AlienVault OTX, MISP).
Certifications (at least four required):
CEH, OSCP, CySA+, GCIH, ECIH, CASP+, CISSP, Splunk/Microsoft Sentinel, GCFA, GREM, GCTI, or equivalent.
Job Type: Full-time
Application Question(s):
How many years of experience do you have working in a Security Operations Center (SOC) role?
Do you have hands-on experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar)?
Which cybersecurity tools and technologies have you worked with? (Please specify)
Endpoint Detection & Response (EDR)
IDS/IPS
Firewalls
Vulnerability Management tools
SOAR platforms
Threat Intelligence feeds
Are you proficient in log analysis (network, system, application) and correlating events for incident investigations?
Do you have experience in threat hunting, digital forensics, or malware analysis?
Do you hold at least four relevant security certifications (e.g., CEH, OSCP, CySA+, GCIH, ECIH, CASP+, CISSP, Splunk/Microsoft Sentinel, GCFA, GREM, GCTI, etc.)?
Are you skilled in scripting/automation (e.g., Python, PowerShell) for incident response or threat hunting?
What are your current and expected monthly salaries (QAR), and what is your notice period?