Job Description

Job Overview: As a L2 SOC Engineer, you will be responsible for monitoring, analyzing, and responding to security incidents detected by our security tools and systems. You will play a critical role in identifying and mitigating potential security threats to our clients' environments, ensuring the integrity and confidentiality of their data. Key Responsibilities: Monitor security alerts and events generated by security information and event management (SIEM) systems and other security tools. Analyze and investigate security incidents to determine the root cause and impact. Conduct in-depth analysis of network traffic and logs to identify indicators of compromise (IOCs) and potential security threats. Coordinate incident response activities with internal teams and external stakeholders to ensure timely resolution of security incidents. Escalate incidents to appropriate teams or management based on severity and impact. Develop and maintain standard operating procedures (SOPs) and runbooks for incident detection and response. Provide recommendations for improving security controls and mitigating security risks. Stay updated on emerging threats, vulnerabilities, and attack techniques to enhance incident detection and response capabilities. Participate in security incident response exercises and tabletop simulations to test and validate incident response procedures. Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. Minimum of 3 years of experience working in a security operations center (SOC) environment. Hands-on experience with security information and event management (SIEM) tools such as Splunk, ArcSight, or QRadar. Strong understanding of common security technologies and controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and network security monitoring. Knowledge of security frameworks and standards such as NIST, ISO 27001, and CIS Controls. Excellent analytical and problem-solving skills with the ability to analyze and interpret large datasets. Effective communication skills with the ability to articulate technical concepts to non-technical stakeholders. Relevant certifications such as CompTIA Security+, GIAC Certified Incident Handler (GCIH), or Certified Information Systems Security Professional (CISSP) are a plus. Vertical: Technology