Job Description

:We are looking for an experienced SOC Analyst L2 to join our Security Operations Center (SOC) team. In this role, you will monitor, analyze, and respond to security incidents, ensuring the protection of organizational assets. The SOC Analyst L2 will work closely with other teams to investigate potential threats, escalate incidents, and continuously improve the overall security posture.Key Responsibilities:

• Security Monitoring & Incident Analysis:

• Monitor and analyze security events and s generated by Splunk SIEM, Proofpoint Email Defense, and CrowdStrike EDR to identify potential threats.
• Investigate and triage security incidents escalated from Level 1 analysts, including phishing attempts, malware infections, intrusion attempts, and other security breaches.
• Add context to security incidents by analyzing data from multiple tools and data sources to understand behavior and impact.
• Incident Response & Root Cause Analysis:

• Perform in-depth analysis of security events, network traffic, system logs, and other data to determine the root cause, scope, and impact of security incidents.
• Proactively conduct threat hunting to identify indicators of compromise (IOCs) and suspicious activities within the network infrastructure.
• Reporting & Documentation:

• Develop and maintain comprehensive incident reports and documentation, including incident response plans, standard operating procedures (SOPs), and post-incident reviews.
• Track trends and produce regular metrics and reports on security incidents.
• Create visualizations of security attacks for clarity and ease of understanding.
• Collaboration & Team Support:

• Collaborate with cross-functional teams (e.g., network administrators, system admins, incident responders) to ensure effective incident response and remediation activities.
• Assist the L3/Engineering team in developing new use cases for detection and prevention.
• Train and mentor junior team members on SOC toolsets and processes.
• Process Improvement & Security Enhancements:

• Provide recommendations for improving security controls, detection capabilities, and incident response processes based on the analysis of security incidents and emerging threats.
• Maintain the detection rules database and work on reducing false positives to improve SOC efficiency.
• Shift Work:

• Willingness to work in shifts as part of a 24/7 operation to ensure continuous security monitoring and response.

Position Requirements:Education & Certifications:

• Bachelorxe2x80x99s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• Relevant certifications such as:

• Certified Ethical Hacker (CEH)
• Certified SOC Analyst (CSA)
• Splunk Certified Admin
• EC-Council Certified Security Analyst (ECSA)
• Other IT security qualifications from recognized bodies.

Knowledge & Experience:

• 4-6 years of proven experience as a SOC Analyst or in a similar role focused on incident monitoring and response.
• Strong hands-on experience with Splunk SIEM, Proofpoint Email Defense, and CrowdStrike EDR.
• Familiarity with security operations and incident response frameworks such as NIST, MITRE ATT&CK, and ISO 27001.
• Experience with log types, log parsing, and network protocols (TCP/IP, SMTP, HTTP, FTP, POP, LDAP).
• Ability to prioritize and manage multiple tasks and incidents simultaneously.

Skills:Splunk Enterprise, SOC, EDRAbout Company:UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the worldxe2x80x99s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clientsxe2x80x99 organizations. With over 30,000 employees in 30 countries, UST builds for boundless impactxe2x80x94touching billions of lives in the process.

UST