Level 2 (L2) SOC Analyst

 

Job Summary: 

The role will monitor cybersecurity consoles, dashboards, and/or feeds and perform alert triage and analysis, initial incident scoping and documentation, ticket escalation, and attack disruptions for pre-defined/approved conditions

 

Key Responsibilities:

• Monitor SOC mailbox, IT ticketing system, hotline, threat intelligence feeds, endpoint/data loss prevention consoles, and other security tools for alerts
• Collect forensic artifacts on suspicious workstations and analyze with Forensic Analysis tools
• Identify and propose areas for operational improvement within the SOC
• Coordinate internal response coordination
• Provide feedback on security control capability gaps based of security intrusion trends
• Develop and maintain analytical procedures to improve security incident identification efficiency
• Triage and validate alerts, and if warranted, escalate to Level 3 analysts or Team Lead
• Support incident response activities, as needed
• Adhere to approved SOC documentation e.g., processes and procedures
• Assist in developing, coordinating, and implementing SOC documentation
• Provide input to SOC operation metrics and reports
• Provide input to SOC shift change reports to maintain continuity of operations

 

Knowledge, Skills and Experience Requirements:

• Minimum of 3 years of professional experience in operating, managing, designing, implementing, maintaining, or supporting cybersecurity technology
• Minimum of 3 years of professional experience in SOC operations and/or incident response
• Understanding of technologies and solutions utilized in cybersecurity and networks (SIEM, SOAR, Firewalls, IAM, IDS/IPS, End Point Protection, Threat Management/Intelligence.)
• Strong understanding of intrusion detection concepts and information security defense
• Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques
• Experience in SOC documentation development
• Understanding of Incident Response analysis skills e.g., SURGE Collect
• Forensic artifact examination with Volatility
• Proven experience with multiple security event detection platforms
• Thorough understanding of TCP/IP
• Understand basic IDS / IPS rules to identify and/or prevent malicious activity
•  

 

Soft Skills:

• Full professional proficiency in English, especially in technical writing and verbal
• Demonstrated integrity in a professional environment
• Completed technical higher education in the field of computer science or related field
• Possession of certificates or education related to cybersecurity, information technology, or engineering
• Possession of cybersecurity certifications e.g., CISSP, GCIH, GMON, GSOC

 

What working at EY offers:

• Skills development in the cybersecurity domain
• Executive communication skills
• Opportunities for professional development at EY
• Certifications via external and internal training 
• Conference attendance