Job description

We are looking for an experienced Cyber Security Incident Response Analyst / SOC L2 Analyst to join our Security Operations team. The successful candidate will be responsible for investigating escalated security alerts, leading incident response activities, performing threat analysis, and supporting continuous improvement of SOC processes. This role requires strong hands-on experience in security monitoring, incident investigation, log analysis, threat hunting, and response activities across enterprise, cloud, endpoint, and network environments.

Key Responsibilities:

• Investigate security alerts escalated from L1 analysts and determine the scope, impact, and severity of potential security incidents.
• Lead incident response activities, including containment, eradication, and recovery, in accordance with established playbooks, procedures, and escalation processes.
• Correlate logs and security data from SIEM, EDR, network security tools, cloud platforms, and other monitoring sources to identify malicious activity and determine root cause.
• Assess threats, vulnerabilities, and exploits affecting the organizations environment, and recommend timely containment, remediation, and mitigation actions.
• Develop scripts or use automation tools to improve investigation, enrichment, triage, reporting, and response workflows.
• Prepare clear and complete incident documentation, including investigation timelines, supporting evidence, impact assessment, response actions, and post-incident findings.
• Use threat intelligence to enrich investigations, map attacker behavior to MITRE ATT&CK, and identify potential threat actor tactics, techniques, and procedures.
• Perform targeted IOC-based threat hunting in support of ongoing investigations, emerging threats, or proactive security monitoring activities.
• Work closely with L1 analysts, CSOC teams, IT teams, and other stakeholders to provide technical guidance, escalate complex incidents, and improve SOC processes.
• Support continuous improvement of detection rules, investigation playbooks, escalation procedures, and SOC operational effectiveness.

Requirements, Technical Skills and Knowledge:

• Minimum 6 years of experience in a Security Operations Centre, Computer Emergency Response Team, Cyber Incident Response Team, or similar incident response function.
• Strong understanding of security incident investigation, including log analysis, event correlation, alert triage, root cause analysis, and evidence handling.
• Good ability to assess the scope, impact, and severity of incidents, and recommend appropriate containment, mitigation, and remediation measures.
• Hands-on experience responding to incidents such as phishing, malware infections, credential compromise, system misconfiguration, suspicious network activity, and unauthorized access attempts.
• Good working knowledge of network protocols, system logs, Windows and Linux operating environments, endpoint behavior, and common attack techniques.
• Experience working with SIEM, EDR, and SOAR platforms, with the ability to tune detection rules or write basic scripts to improve investigation workflows.
• Familiarity with industry frameworks and standards such as MITRE ATT&CK, Cyber Kill Chain, CVSS, and OWASP Top 10.
• Basic scripting capability in Python, Bash, Power Shell, or similar languages is preferred.
• Ability to perform IOC-based threat hunting using logs, endpoint telemetry, network data, and threat intelligence sources.
• Ability to document investigations clearly and support evidence collection when required.

Shift Requirement:

• Able to work 12-hour shifts, with shift patterns subject to change based on operational and business requirements.

To apply,simply click the "Apply" button or send your updated profile to recruit@percept-solutions.com 

EA Licence No.:18S9405 / EA Reg. No.:R1330864

Percept Solutions is expanding and actively seeking talented individuals. We encourage applicants to follow Percept Solutions on LinkedIn at https://www.linkedin.com/company/percept-solutions/to stay informed about new opportunities and events.