Senior Software Engineer
Requisition #: CREQ257454

Junior SOC Engineer

CMB ATC

Key Responsibilities & Accountabilities

Advanced Incident Response & Threat Investigation
Investigate and remediate escalated security incidents involving advanced attack techniques.
Perform detailed forensic data collection, root cause analysis, and system restoration.
Lead incident response efforts, ensuring proper containment, eradication, and recovery.
Engage in post-incident reviews, identifying gaps in security controls and recommending improvements.
Mentorship & Knowledge Sharing
Provide guidance and mentorship to L1 analysts on investigation techniques, escalation workflows, and threat mitigation strategies.
Work alongside IT, engineering, and compliance teams to enhance security workflows and response plans.
Develop training materials and process documentation to support cross-functional security initiatives.
Maintain and improve the SOC knowledge base, ensuring documentation aligns with best practices and emerging threat intelligence.
Advanced Security Stack Management & Optimization
Conduct advanced tuning of security detection tools to enhance accuracy and reduce false positives.
Address complex tuning requests escalated from L1 analysts.
Validate and refine detection logic, ensuring continuous improvement of threat detection capabilities.
Threat Hunting & Proactive Security Analysis
Perform in-depth analysis of suspicious activities to uncover and mitigate hidden security threats.
Develop detection rules and mechanisms to address network- and host-based threats.
Leverage indicators of attack (IOAs) and indicators of compromise (IOCs) to enhance detection efficacy.
Security Tools Proficiency & Continuous Improvement
Utilize and manage SIEM, EDR, XDR, vulnerability scanners, firewalls, and email gateways at an intermediate level.
Stay informed about new attack methods, evolving threat vectors, and cutting-edge mitigation strategies.
Participate in red team/blue team exercises to enhance security defense capabilities.
Reporting, Documentation & Stakeholder Communication
Create detailed security reports on incidents, emerging threats, and SOC operational performance.
Maintain operational readiness in a 24/7 SOC environment, ensuring effective incident management and response during all shifts.
