SOC Tier 2 Security Analyst

Job Description

SOC - IT Infra Analyzer & Designer - Level 2 (Process Improvement and Development);

Overview:

We seek a skilled and experienced SOC Analyst Tier 2 to join our dynamic cybersecurity team. In this role, you will be pivotal in our Security Operations Center (SOC), focusing on data gathering, incident analysis, and process development to enhance our security posture. If you have a passion for cybersecurity and are ready to take on challenging responsibilities, we encourage you to apply.

Responsibilities:

• Gather and analyze data from IT infrastructure, networks, applications, and APIs to improve security.
• Recognize and identify IT assets and application logic.
• Serve as an escalation point for Tier 2 analysts.
• Perform threat hunting and develop use cases as needed.
• Define and enhance playbooks for responding to cyber threats.
• Develop security analysis processes.
• Provide teaching and mentoring to both experienced and junior analysts.
• Execute additional tasks as assigned by the SOC Head of Department.پ

Work Location:

• Fully on-site;

Working Hours:

• Day shift;
• On-call availability (some nights, weekends, and holidays);

Requirements:

• 6 years of experience in roles such as CIRT, CERT, CSIRC, or SOC.
• Bachelor’s degree in Computer Science, Information Technology, or a related technical field.
• Experience with SIEM systems, antivirus solutions, intrusion detection systems, firewalls, and large enterprise or cloud environments.
• Proficient in incident response, network traffic analysis, and log analysis.
• Familiarity with NIST Incident Response Lifecycle, Cyber Kill Chain, or ATT&CK framework.
• Experience with XDR/EDR, deep packet and log analysis, and basic forensic/malware analysis.
• Skills in cyber threat intelligence gathering and analysis.

Skills:

• Willingness to learn, adapt, and innovate.
• Strong critical thinking and analytical skills.
• Excellent written and verbal communication skills.
• Great interpersonal and teamwork skills.
• Proficiency in incident management and response.
• Experience with security device management and SIEM.
• Knowledge of cyber-attack techniques, threat vectors, and risk management.
• Familiarity with various operating systems (Windows, Linux, Unix).
• Understanding of applications and databases to address security threats.
• Proficient in preparing reports, dashboards, and documentation.