Tier 2 SOC Analyst

We are seeking an experienced Tier 2 SOC Analyst to join a Security Operations Centre (SOC), taking ownership of escalated cyber security incidents and leading advanced investigation and response activities.

This is a technically hands-on role where you will perform deep-dive incident analysis, identify root causes, tune detection tools, and work directly with clients during active threats. You will also contribute to SOC automation, playbooks, and continuous improvement initiatives.

• Lead investigation and response to escalated incidents from Tier 1 SOC Analysts
• Conduct root cause analysis across malware, phishing, network, and endpoint incidents
• Coordinate containment, eradication, and recovery activities
• Communicate directly with clients during live security incidents
• Develop and maintain SOC playbooks and automation workflows
• Analyse firewall alerts and support configuration troubleshooting
• Tune SIEM, EDR, XDR, and SOAR tools to reduce false positives
• Maintain detailed incident documentation and lessons learned
• Provide mentoring and technical guidance to Tier 1 analysts

• Proven experience working in a SOC or security operations environment
• Strong understanding of cyber threats, attack techniques, and defensive controls
• Hands-on experience with SIEM, EDR, XDR, and SOAR platforms
• Solid networking knowledge (TCP/IP, firewalls, common protocols)
• Strong analytical and problem-solving skills
• Excellent written and verbal communication skills
• Ability to manage multiple incidents effectively

• Blue Team Labs Level 1
• Microsoft SC-200 (or equivalent)
• CompTIA Security+
• Check Point CCSA
• Fortinet NSE4 (or equivalent)