Key Responsibilities

• Investigate and respond to security incidents escalated from SOC Level 1.
• Monitor and analyze logs, alerts, and suspicious activity using SIEM and security tools.
• Support containment, remediation, and recovery efforts during incidents.
• Escalate complex cases to SOC Level 3 or Incident Response teams when needed.
• Contribute to tuning detection rules and improving SOC processes.
• Document findings and prepare clear incident reports.

Qualifications

• 2–4 years of experience in cybersecurity or SOC operations.
• Good knowledge of networking, operating systems (Windows/Linux), and security practices.
• Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel, etc.).
• Relevant certification preferred (CEH, CySA+, Microsoft SC-200, Splunk Certified, etc.).
• Strong analytical and problem-solving skills.
• Willingness to work in a 24/7 SOC shift environment.