L2 SOC Analyst

Level 2 CyberSOC Analyst

Title:                                                                     Level 2 CyberSOC Analyst

Job type:                                                              Full-Time Permanent

Salary:                                                                  Negotiable / DOE

About Us

Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin, Sofia, Stockholm, Madrid, Naples and Cape Town—we support more than 2,500 clients across a wide range of industries. 

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we’d love to hear from you.

Job Role / Responsibilities

In this role you will be expected to analyse a range of alerts and incidents, identifying threats and attacks performed by Threat Actors ranging from cyber criminals, ATPs, and Nation States. You will leverage various threat intelligence streams to enhance your understanding of emerging threats and vulnerabilities used by Threat Actors, providing customers with your insight and experience. You will act as a core investigator for security incidents and alerts, escalating to senior SOC staff when a true positive has been identified. A successful security analyst will verify security events as security incidents; correlate and collate the information; and effectively escalate their findings and recommendations internally, or to the customer.

The role requires flexibility and the ability to work as part of a wider shift pattern, additionally, there may be an on-call aspect required. A good knowledge of Information Security is required for this role. Proactive client services, such as compromise assessments and evaluating and recommending tools and technology for incident response are also in scope. Demonstration of a strong comprehension of malware, emerging threats and adversary TTPs will be critical to success.

Primary Duties/Responsibilities include:

• Analyse security alerts and incidents, following defined investigation processes to determine the risk they present and impact to customers.
• Perform ad-hoc analysis of varied logs, identifying anomalies in customer environments.
• Perform in-depth investigation on confirmed security incidents, assisting senior SOC analysts to mitigate threats.
• Identify threats, perform mitigating actions to contain and eradicate threats in the environment.
• Identify and document tuning opportunities for senior SOC analysts to perform
• Assist in the report creation process, performing enriching queries and investigations to help produce a high quality incident report for core stakeholders.
• Assist in development of varied customer reports such as Emerging Threat reports, Incident Response reports, consistent MDR reports.
• Assist in CSOC continuous improvement and development initiative to maintain and improve core processes, SOPs, and documentation.
  

Desired Skills

• Experience working with security event detection tools like IPS, SIEM, DLP, Anti-virus, etc.
• Ability to perform event correlation, host/ network threat analysis.
• Ability to manage multiple incidents and make effective decisions under high pressure environment.  
• Experience in performing analysis on network pcaps and documents for malicious activity or codes.  
• Conceptual knowledge in Networks and Network Security.
• Understanding of Network infrastructure hardware and protocols (TCP/IP, switches, bridges, routers, proxy servers, VPN concentrators).
• Understanding of Security protocols (IPSec), and encryption technologies (3DES, AES, SHA2, TLS).
• Understanding of basic security principles such as Confidentiality, Availability, Integrity.
• Familiar with security best practices.
• A process of on-going certification for the benefit of the business and for self-development is encouraged .
• Review the adequacy of the security controls and their ability to protect the information system and its information.
• Experience with Splunk is a plus.
• Experience using SIEM & IPS solutions is a plus.
• Strong Microsoft Word & Microsoft Excel skills required.

Certifications/Qualifications

• Security industry certifications: SEC+, CYSA+, Net+, SC-200,AZ-500,AZ-900,Splunk Power user
• A working knowledge of Intrusion Prevention System (IPS), SIEM, SOAR & DLP is a nice to have.
• Experience working with threat hunting tools is nice to have.