SOC Analyst L2

OculusIT is seeking a proactive Senior SOC Analyst (Level 2) to contribute to our 24x7 Security Operations Center (SOC). This role is pivotal in advanced security monitoring, incident triage, analysis, and coordinating response efforts across enterprise environments. The position also involves providing essential support for Windows (Wintel) and network security operations.

Key Responsibilities:

• Conduct continuous monitoring and respond to security alerts within a 24x7 SOC setting.
• Perform Level 2 triage, validation, and in-depth analysis of security incidents.
• Investigate security events utilizing SIEM, EDR, and other monitoring tools.
• Conduct comprehensive incident analysis to determine scope, impact, and root cause indicators.
• Escalate complex incidents to Level 3 teams, providing thorough documentation and evidence.
• Support Windows Server security operations, including troubleshooting Active Directory, GPO, DNS, and DHCP.
• Assist with network security operations, such as firewall rule verification, VPN troubleshooting, and IDS/IPS monitoring.
• Collaborate effectively with network and infrastructure teams for threat containment and remediation strategies.
• Engage in threat hunting and proactive security monitoring initiatives.
• Analyze logs, endpoint behaviors, and network traffic for suspicious activities and anomalies.
• Support vulnerability management processes and patch coordination efforts.
• Maintain accurate incident records, timelines, and comprehensive shift handover documentation.
• Ensure strict adherence to established security policies, frameworks, and compliance standards.

Required Skills:

• Demonstrated experience in SOC, Security Operations, or Command Center environments.
• Proficient hands-on experience with Windows Server and Active Directory (GPO, DNS, DHCP).
• Solid understanding of network security tools, including firewalls, proxies, IDS/IPS, and VPNs.
• Experience with SIEM platforms such as Microsoft Sentinel, Wazuh, or Seceon.
• Familiarity with EDR tools for endpoint monitoring and response capabilities.
• Knowledge of incident response frameworks (e.g., NIST, SANS).
• Strong analytical skills in log analysis and security event investigation.
• Capability to perform effectively in a 24x7 high-pressure operational environment.

Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
• Previous experience in SOC, Security Operations, or IT Security Command Center roles.
• Substantial hands-on experience with Windows Server administration, including Active Directory, GPO, DNS, and DHCP.
• Practical experience utilizing SIEM tools such as Microsoft Sentinel, Wazuh, or Seceon OTM.
• Exposure to EDR platforms for endpoint monitoring, detection, and response.
• Good working knowledge of network security components including firewalls, proxies, IDS/IPS, and VPNs.