qcs2026


Managed Services SOC Incident Analyst L2/ Senior Security Analyst

Closing Date: October 31, 2025

Expectation from candidate:

The Cyber Security Operations Centre (SOC) Security Specialist is the second level of escalation for security investigations within the SOC. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management, and you should have a solid understanding of network security practices. Delivering excellent customer service while solving problems should be a top priority for you.

Core Responsibilities:

  • The security specialist is responsible for conducting information security investigations arising from security incidents identified by the tier 1 security analysts who monitor the security consoles across the various SOC entry channels (SIEM, tickets, email and phone).
  • Act as the point of escalation for tier 1 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.
  • Act as the lead coordinator for QCS's response to individual information security incidents.
  • Mentor security analysts in risk management, information security controls, incident analysis, incident response, SIEM monitoring and other operational tasks in support of the technologies managed by the Security Operations Centre.
  • Document incidents from initial detection through final resolution.
  • Participate in the security incident management and vulnerability management processes.
  • Participate in evaluating, recommending, implementing and troubleshooting security solutions, and in evaluating the IT security of new IT infrastructure systems.
  • Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
  • Knowledge of SOAR and automated-response concepts (FortiSOAR, XSOAR or equivalent).
  • Hands-on experience with threat hunting and creating detection rules.
  • Communicate effectively with customers, teammates and management.
  • Prepare monthly Executive Summary Reports for managed clients and continuously improve their content and presentation.
  • Provide recommendations for tuning and optimizing security systems and SOC security processes, procedures and policies.
  • Define, create and maintain SIEM correlation rules, customer build documents, and security processes and procedures.
  • Follow ITIL practices for incident, problem and change management.
  • Stay up to date with emerging security threats and applicable regulatory security requirements.
  • Other responsibilities and additional duties as assigned by the security management team.

Technologies Experience:

  • Security monitoring experience with one or more SIEM technologies (IBM QRadar, LogRhythm, ArcSight or Splunk) and with intrusion detection and prevention technologies.
  • Experience with policy engineering and troubleshooting for web content filtering technology.
  • Strong understanding of networking principles including TCP/IP, WANs, LANs and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP.
  • Understanding of programming and scripting languages such as Python, Perl, Bash, PowerShell and C++.
  • 4-6 years of previous Security Operations Centre experience conducting security investigations.
  • Demonstrated skills in digital investigations, including computer forensics, network forensics, malware analysis and memory analysis.
  • Ability to analyze data, such as logs or packet captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents.

Education:

  • A Bachelor's Degree or Diploma in a relevant area of study, with a preference for Information Security, Computer Science or Computer Engineering.
  • Excellent English written and verbal skills.