What you will be doing:

• Keep a close eye on and investigate security alerts from different sources, like SIEM, Defender for Endpoint, Mimecast, and firewall logs.
• Dig deep into security incidents and come up with practical solutions for incident response.
• Create and improve SOC automation playbooks within our SOAR to make things faster and more efficient.
• Work with threat intelligence teams to connect the dots between Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and attack patterns.
• Tweak SIEM rules and detection logic to reduce false positives and improve detection accuracy.
• Coach and mentor L1 SOC Analysts, helping them develop their technical and analytical skills.
• Create SOC reports for internal and external stakeholders to keep everyone in the loop and maintain accountability in security monitoring.

What our client is looking for:

• Relevant certifications would be highly beneficial – Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Offensive Security Certified Professional (OSCP), etc.
• 3+ years experience in SOC operations, cybersecurity analysis, or threat detection.
• Strong SIEM (Graylog preferred), EDR (Defender for Endpoint, SentinelOne), SOAR (FortiSOAR), and firewall security expertise.
• Hands-on MITRE ATT&CK framework, threat hunting, and digital forensics experience.
• Skilled in writing correlation rules, detection tuning, and scripting (Python, PowerShell, or Bash preferred).
• Strong analytical and problem-solving skills for high-pressure SOC environments.
• Excellent written and verbal communication skills for collaboration, reporting, and customer engagement.