Job Description
Job Summary: We are seeking a skilled and motivated SOC L2 Analyst with Microsoft security experience to join our dynamic team. As a SOC L2 Analyst, you will be responsible for managing and responding to security incidents, investigating threats, and providing timely mitigation solutions. Your experience with Microsoft security tools and platforms such as Microsoft Defender, Sentinel, and Azure Security Center will be key in enhancing the security posture of the organization.
Key Responsibilities:
Monitor, analyze, and respond to security events and incidents in real time, leveraging Microsoft security tools (e.g., Microsoft Defender, Sentinel, Azure Security Center).
Conduct detailed investigations of security alerts, analyzing and correlating data from various sources, including network logs, endpoint detection systems, and cloud security platforms.
Identify, triage, and escalate critical security incidents to senior SOC team members or management as needed.
Collaborate with IT and network teams to mitigate threats and implement security improvements across the organization's systems.
Perform root cause analysis and provide recommendations to improve the organization's security posture.
Conduct regular security assessments and vulnerability management activities.
Stay up-to-date with the latest Microsoft security developments, emerging threats, and cybersecurity best practices.
Develop and maintain documentation for incident response, security analysis, and best practices related to Microsoft security platforms.
Required Qualifications:
Minimum of 4 years of experience required.
Proven experience working in a SOC environment, preferably with L2 level experience.
Strong working knowledge of Microsoft security tools, including:
Microsoft Sentinel
Microsoft Defender for Endpoint, Identity, and Office 365
Azure Security Center and Azure Sentinel
In-depth understanding of network protocols, system vulnerabilities, and attack vectors.
Strong experience in incident detection, triage, and response using security information and event management (SIEM) systems.
Hands-on experience with security incident analysis, threat hunting, and remediation techniques.