We are looking for a skilled SOC L2 Analyst to join our Security Operations Center team. You will serve as the escalation point for L1 alerts, conduct deeper investigations, lead incident response activities, and proactively hunt for threats across our environment.

Key responsibilities

• Triage, investigate, and respond to escalated security alerts from L1 analysts
• Perform in-depth analysis of security events using SIEM (Splunk, Qradar, or equivalent)
• Lead containment, eradication, and recovery activities during active incidents
• Conduct proactive threat hunting using frameworks such as MITRE ATT&CK
• Analyze malware, phishing campaigns, and suspicious network/endpoint activity
• Develop and tune detection rules
• Produce clear, detailed incident reports and post-incident reviews
• Mentor and guide L1 analysts in day-to-day operations
• Collaborate with IT and other teams

Required qualifications

• 1–3 years in a SOC or IR role
• Strong SIEM hands-on experience
• Knowledge of TCP/IP, network protocols
• Proficiency in log analysis & forensics
• Familiarity with MITRE ATT&CK
• Ability to read & understand scripts (Python, PowerShell or Bash)
• EDR platform experience (CrowdStrike, Cortex XDR)
• Experience with ticketing (Jira, ServiceNow)

Personnel specifications:

• Diploma: Bachelor’s degree in computer science or a related technical field.
• Experience: 2-3 years of experience in an IT or security-related role
• Previous experience in a SOC environment is a plus.
• Hands-on experience with security monitoring tools is advantageous.

Conditions:

• Work schedule: 5 days/week (09:00 – 18:00)
• Employment type: Full-time
• Salary: 2000-3000 AZN

Interested candidates can send their CV to the e-mail address in the Apply for job button. Please specify your desired position in the email subject.