· Investigates deeper on the detected behaviours when an incident is escalated by the SOC level 1 analyst

· Add context to the incident to understand the behaviour, analysing data from multiple tools and data sources

· Maintain SIEM and HIPS security sensors and tools

· Monitor security sensors and review logs to identify intrusions

· Escalate security incidents using established policies and procedures

· Perform initial analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available

· Work directly with threat intelligence analysts to convert intelligence into useful detection

· Identify incident root cause and take proactive mitigation stepa

· Provide analysis of security log data from a large number of heterogeneous security devices

· Review vulnerabilities and track resolution

· Review and process threat intel reports

· Leads and participates to the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting)

· Implement detection use cases

· Liaise with customers on security intrusions and provide swift and accurate remediation

· Supports the SOC manager for the reporting of the activity.

· Diploma/Degree in Information System/Information Security from a recognized institution.

· 2+ year of working experience in a security operations environment.

· Basic, yet sound knowledge of network routing and switching fundamentals

· Basic, yet sound technical understanding of operating systems, network architecture and design

· Proven ability to plan and prioritize work, both their own and that of project team.

· Sound understanding of organizational issues and challenges. Able to work effectively with participants at all levels in an organization

· Ability to analyze problems and determine root causes, generating alternatives, evaluating and selecting alternatives and implementing solutions.

· Possess excellent writing skills and the ability to communicate to teammates as well as technical and executive level staff

· Results Oriented

· Professional information technology/security certifications such as ITIL, CCNA and CEH will be preferred but related qualification (i.e. GCIA, CISSP etc.) will be an advantage