Job Description

The Role
The Security Analyst - SOC Operations (Level 2) is responsible for advanced monitoring, investigation, and response to cybersecurity incidents within a Private 5G Security Operations Center. This role performs in-depth analysis of incidents escalated from Level 1, leads root cause investigations, and supports the continuous security and resilience of 4G/5G RAN and Core networks. The position plays a critical role in strengthening detection capabilities, improving response processes, and ensuring uninterrupted and secure network operations.
Duties and Responsibilities
Conduct detailed analysis of security incidents escalated by L1 SOC analysts.
Perform root cause analysis and advanced investigations to determine scope, impact, and threat vectors.
Respond to, contain, and remediate security incidents while minimizing operational and service impact.
Utilize advanced security tools and techniques to analyze, investigate, and mitigate threats.
Collaborate with internal and external teams to implement corrective and preventive security controls.
Document incident findings, actions taken, and lessons learned in accordance with SOC procedures.
Provide recommendations for improving incident response playbooks and 5G-specific security procedures.
Maintain strong working knowledge of 4G/5G protocols, signaling flows, and architectures for RAN and Core.
Provide technical guidance, mentoring, and on-the-job training to L1 SOC analysts.
Monitor evolving threat landscapes, vulnerabilities, and technologies impacting 5G environments.
Support and maintain the 5G SOC operations lab.
Ensure the ongoing integrity, availability, and security of 5G RAN and Core network environments.
Requirements
Bachelors degree in Computer Science, Information Security, or a related discipline.
Strong understanding of TCP/IP, OSI Seven Layer Model, and diverse network architectures.
Strong knowledge of cybersecurity principles and 4G/5G technologies.
Hands-on experience with security tools including SIEM, SOAR, IDS/IPS, and forensic analysis tools.
Proven ability to conduct advanced investigations, including malware analysis and threat containment.
Experience working in 4G/5G Security Operations environments.
Experience in ISP or telecom environments is a strong advantage.
Hands-on experience with Splunk and Microsoft Sentinel.
Experience across IT and OT environments.
Strong analytical, problem-solving, documentation, and communication skills.
Ability to work under pressure and respond effectively to security incidents.
Industry certifications are preferred, including CompTIA Security+, CSA, CCNA CyberOps, CySA+, GCIH, BTL1, MITRE ATT&CK Defender (MAD), and Splunk / Microsoft Sentinel certifications.

Skills Required