SOC Analyst L2

Company: Staff4me
Job Type: Full Time
Job Description - SOC Analyst L2

Description

As a SOC Analyst L2, you will lead deeper investigations of escalated cases, confirm incidents, determine scope and impact, drive containment actions with internal teams, and produce high-quality technical communications and post-incident outputs. You will also contribute to detection improvement (tuning, new detections, playbook updates).

Responsibilities:

  • Take escalations from L1 and perform in-depth investigations: hypothesis-driven analysis, evidence validation, scoping, impact assessment, and timeline building.
  • Correlate telemetry across endpoint (EDR), Windows/Linux, AD, firewall/proxy/DNS/IDS, and (when applicable) cloud logs.
  • Recommend and/or coordinate containment actions (host isolation, credential resets, IOC blocks, temporary control changes) following change control and governance.
  • Determine severity and communicate clearly in English to technical stakeholders; provide concise executive-style updates when required.
  • Identify detection gaps and drive improvements: reduce false positives, close false negatives, propose new rules/use cases.
  • Ensure evidence integrity and proper documentation, coordinate handoffs with IR, IT Ops, Network, and Cloud teams.
  • Produce post-incident deliverables: probable root cause, lessons learned, and preventive actions.

Requirements:
  • 2–5 years in SOC/IR/Blue Team (or equivalent demonstrated incident-handling experience).
  • Solid fundamentals in networking: TCP/IP, DNS, HTTP/S, VPN, NAT.
  • EDR investigations (process trees, persistence, LOLBins behavior, containment workflows).
  • Windows/AD triage (authentication patterns, suspicious logon behavior, account activity) and Linux triage.
  • Network analysis and security controls (firewall/IDS/proxy/DNS), recognizing anomalous patterns.
  • Proven ability to produce defensible scoping and timelines based on evidence.
  • High documentation standards and the ability to perform under pressure.
  • Threat hunting experience and MITRE ATT&CK mapping.
  • Detection engineering exposure (Sigma/YARA at a basic/intermediate level), use-case design, and SIEM correlation strategy.
  • Basic forensics capabilities (acquisition concepts, triage artifacts, memory/disk fundamentals).
  • Certifications aligned to Blue Team / IR (e.g., GCIH/GCIA, BTL2, SC-200).
  • Strong spoken and written English (B2-High/C1 preferred) — able to lead technical calls, write incident summaries, and investigation notes.

Original job SOC Analyst L2 posted on GrabJobs.