L2 OT​/IT SOC Analyst; Nazoomi + Palo Alto Cortex

Role

Title:

L2 OT/IT SOC Analyst Role Summary

The L2 SOC Analyst will provide advanced monitoring, investigation, threat hunting, and platform management across OT/IT environments, acting as the escalation point for L1 and coordinating with L3 when required. The role supports detection and response to information security threats to protect systems, networks, applications, and operational technology where applicable.

• Nazoomi (OT security monitoring / detection support)(client requirement)
• Palo Alto Cortex (XDR and/or XSOAR)(client requirement)
• Strong SOC investigation experience (L2) including SIEM/EDR alert triage and validation tools
• Threat hunting using IOCs and Threat Intelligence

• Investigate and qualify L2 incidents escalated from L1; perform contextual investigation and analysis
• Proactively monitor and hunt through customer environments; manage security platforms to detect/respond to threats
• Provide recommendations and required mitigation; support client incident notification as needed
• SIEM use-case support: correlation rule design, deployment, and fine-tuning; maintain/update SOC knowledge base
• Escalate to Level 3 when required and support major incidents with assigned tasks
• Contribute to periodic reporting (weekly/monthly/quarterly, etc.) and monitoring for attacks/intrusions/unusual activity

• Proven experience in SOC operations with L2 incident handling and escalation management
• Experience with alert monitoring, incident response, and threat detection across enterprise environments
• Ability to work in a KPI-driven, 24x7 SOC environment

• Correlation rules/detection engineering exposure
• Experience collaborating with Vulnerability Management and broader security stakeholders