IPV7

SOC Security Analyst – Level 2, Investigation and Response

full-time

Location Type: Remote

Location: Brasil

About the role

  • Perform advanced investigations of complex alerts, correlating logs from multiple sources such as endpoints, firewalls, network devices, and cloud environments.
  • Manage the incident response lifecycle, from technical containment to recommending eradication measures.
  • Execute threat hunting activities, proactively searching for threats that did not trigger automated alerts.
  • Administer and configure next-generation firewalls (NGFW), including access control lists (ACLs), IPS/IDS policies, content filtering, and SSL inspection.
  • Manage endpoint protection platforms (EDR/XDR), including alert analysis, creation of exclusion policies, and performing remote scans.
  • Analyze security logs and events in SIEM tools, creating queries and dashboards to identify attack patterns.
  • Provide technical support to the Level 1 team, refining playbooks and correlation rules to reduce false positives.
  • Document incidents, investigations, evidence, and post-incident technical reports (post-mortems).

Requirements

  • Minimum 2 to 3 years of experience in security operations or incident response.
  • Knowledge of network infrastructure, including routing protocols, VLANs, and security-focused network segmentation.
  • Experience administering firewalls (Fortinet, Palo Alto, Check Point, or similar) and VPNs.
  • Proficiency with EDR/XDR platforms (CrowdStrike, SentinelOne, Microsoft Defender, Trend Micro, Bitdefender, or similar).
  • Experience in log analysis and SIEM usage, including creating queries and dashboards (KQL, SPL, or Lucene).
  • Ability to analyze traffic and reconstruct attacks using PCAPs and Proxy/WAF logs.
  • Knowledge of the MITRE ATT&CK framework for identifying adversary tactics and techniques.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • incident response
  • threat hunting
  • log analysis
  • network segmentation
  • traffic analysis
  • PCAP analysis
  • MITRE ATT&CK framework
  • firewall administration
  • EDR/XDR proficiency
  • SIEM usage

Soft Skills

  • technical support
  • documentation
  • communication
  • problem-solving
  • collaboration