Job Details
Key Responsibilities
Perform L2 analysis of security alerts and incidents in a 24x7 SOC environment.
Investigate, triage, and respond to security incidents; escalate to L3 teams as required.
Analyze daily and shift-based security reports and identify potential threats.
Conduct proactive threat hunting to detect abnormal or malicious activities.
Support security incident response activities, including containment and remediation support.
Troubleshoot issues with log sources, SIEM integrations, and event correlations.
Analyze and support remediation of findings from Red Team / Purple Team exercises.
Maintain continuous awareness of evolving threats, vulnerabilities, and attack techniques.
Technical Skills & Experience
Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar).
Strong understanding of infrastructure technologies including Active Directory, ADCS, DNS, web technologies, TLS, firewalls, and networking.
Familiarity with security monitoring across on-prem, cloud, and hybrid environments.
Required Qualifications
4-5 years of experience in SOC, security operations, or incident response roles.
Experience working in shift-based / 24x7 SOC operations.
Strong analytical, troubleshooting, and incident documentation skills.
Good oral and written communication skills for clear handovers and escalations.
Preferred Qualifications
Experience supporting 24x7 SOC handover processes.
Exposure to Red Team / Purple Team exercises and threat intelligence.
Relevant security certifications (Security+, CEH, GCIA, or similar).