Job Purpose:
- The Level 2 Analyst is responsible for conducting in-depth investigations of escalated alerts and events, as well as incidents reported manually by users. This role is crucial in enhancing data accuracy, performing detailed research, and categorizing complex cases to ensure effective incident response and management.
- The Level 2 Analyst plays a vital role in safeguarding the organization's information security by identifying threats, analyzing attack methods, and providing actionable insights for mitigation and prevention. Through meticulous analysis and data enrichment, the Level 2 Analyst significantly contributes to the overall efficiency and effectiveness of the security operations team. Must be willing to work shifts covering APAC hours (9AM to 6PM) and NY hours (10PM to 7AM).
Key Activities:
Escalated Case Analysis:
- Perform comprehensive analysis of escalated cases from Level 1 Analysts to identify root causes and potential threats.
Threat Identification:
- Distinguish malicious file, email, user, or network activity from legitimate activity, separating benign from harmful elements with precision.
Threat Intelligence Research:
- Conduct manual research to gather threat intelligence and analyze attack vectors. Identify potential threats, study their behavior and techniques, and assess the methods used by attackers to provide actionable insights.
Event Assessment & Categorization:
- Assess and categorize events that have been manually reported. Review the details of each event thoroughly to determine its significance and severity, classifying it according to predefined criteria to ensure accurate prioritization and response.
Detailed Documentation:
- Thoroughly document every step of the analysis process, including initial observations, methodologies, tools used, findings, and conclusions. Ensure all relevant details are captured in a structured format to provide a clear.
Formal Education:
Bachelor’s degree or higher in Information Security, Computer Science, Computer Engineering, or a related field.
Specialist knowledge (work experience, further qualification):
- More than 4 years of relevant experience in cybersecurity, preferably within the Banking and Finance industry.
- Proven experience in cybersecurity analysis and threat intelligence.
- Strong analytical skills and attention to detail.
- Proficiency in using cybersecurity tools and methodologies.
- Deep understanding of operational threat defense, including frameworks and methodologies such as the Cyber Kill Chain, Diamond Model, and MITRE ATT&CK.
- Professional certifications such as GCIH or related to Advanced Incident Response, Threat Hunting, and Digital Forensics are preferred.