Role Overview

The SOC L2 Analyst is responsible for in-depth security investigation, incident analysis, and response coordination across enterprise environments. This role focuses on correlating multi-domain telemetry (SIEM, EDR/XDR, Cloud, DLP, DAM, Email Security) to determine root cause, assess impact, and recommend containment actions. The analyst acts as a technical escalation point for L1 and contributes to improving detection use cases and SOC maturity.

Key Responsibilities

• Perform deep-dive investigations on alerts from across SIEM, EDR/XDR, Cloud, DLP, DAM, and Email Security tools
  
• Correlate logs and telemetry to reconstruct attack timelines and identify root cause
  
• Investigate advanced threats such as lateral movement, privilege escalation, account compromise, and malware activity
  
• Conduct endpoint analysis (process injection...