onsite

L2 Security Analyst - Accesa & RaRo

Security Engineer

Senior SOC analyst focused on deep investigation, incident validation, and response recommendation. Drives targeted hunting, escalates complex incidents, and mentors junior analysts while leveraging SIEM, malware analysis, and network forensics to protect client environments.

About the role

About the Team & Culture

You will be joining a team that operates as consultants and partners to our clients, helping them innovate their existing processes and tools. We are focused on efficiency, strong communication, and sustainable learning paths. You will have an impact on the project’s evolution and the chance to contribute your own ideas to build successful client relationships.

The Role

We are looking for a SOC Analyst - Level 2 with strong experience in deeper investigation, incident validation, response recommendations, targeted hunting, and hands-on guidance for the analysts around them.

This is the escalation and deeper-investigation analyst lane. It is expected to take technically demanding cases further than the Level 1 lane, improve case quality across the team, and help shape practical service improvements. It is not a baseline architecture role, and it is not the default owner of recurring detection content or day-to-day platform administration.

This role includes scheduled weekly on-call escalation coverage outside normal working or rota hours, according to the agreed service process.

Key Responsibilities

Operations (Threat Detection & Incident Response)

Lead the investigation of higher-severity, ambiguous, or fast-moving incidents across available security telemetry and case evidence
Determine likely root cause, affected identities and assets, probable scope, and the next actions that matter most
Use targeted hunting and hypothesis-testing workflows to validate suspicious activity and uncover related activity that is not obvious from the initial alert
Produce clear investigation records and evidence-based response recommendations that support timely decision-making through the customer approval path
Support clear customer-facing incident handling by turning technical findings into usable evidence summaries and next-step recommendations within the defined case path
Review escalations from Level 1 analysts and help move difficult cases forward without unnecessary reinvention
Provide scheduled weekly on-call escalation support according to the agreed service process • identify visibility gaps, weak alert context, and recurring investigative friction that should feed into detection tuning, playbook refinement, or workflow improvement
Propose practical automation ideas where repetitive investigation work can be made faster or more consistent
Support the technical growth of other analysts through case guidance, review, and operationally useful feedback

Required Skills:

Strong hands-on experience in SOC, MDR, or incident-response work
Practical depth in investigation across endpoint, identity, email, cloud, network, and case evidence
Strong analytical skills for investigation, hunting, and valid