Security Analyst L2

Responsibilities

• Monitor client environments using SIEM platforms to detect, triage, and respond to cybersecurity threats in accordance with agreed SOPs and industry best practices
• Analyse and investigate security alerts; perform deep-dive log analysis across system and OS layers to establish baselines and identify anomalous behaviour
• Map threat tactics, techniques, and procedures (TTPs) to the MITRE ATT&CK framework and construct plausible attack-path hypotheses to inform containment actions
• Produce escalation reports and notes; manage triage workflow and identify improvements to automation playbooks
• Conduct IOC-based reactive threat hunts against limited TTPs
• Operate SIEM, SOAR, EDR, and wider security tooling within the scope of the service engagement
• Perform indicator of compromise (IOC) searches and triage incoming threat intelligence to assess relevance to client assets
• Coordinate with vendors,...