Job Description
SOC Analyst – Level 2
Location: Cork
Type: Full-Time
Working Model
Salary: €45,000 – €60,000
A large-scale security operations environment is expanding its SOC capability and is adding a Level 2 Analyst to strengthen detection, investigation, and response operations. The role sits between frontline monitoring and advanced operations, supporting escalation handling, threat hunting, and platform tuning across a high-volume environment.
This is a technically active SOC with real exposure to live incidents, complex environments, and continuous operational pressure.
The Role
You'll operate as a Tier 2 escalation point within the SOC, handling advanced triage, investigations, and response activity across SIEM, EDR, SOAR, and vulnerability platforms. You'll support junior analysts, validate detections, refine alert quality, and contribute directly to improving detection logic and operational maturity.
The role blends investigation, threat hunting, engineering support, and customer-facing incident handling.
Key Responsibilities
* Handle escalations from Tier 1 analysts
* Perform advanced triage and incident investigation
* Conduct threat hunting across SIEM and EDR platforms
* Validate alerts, detections, and correlation logic
* Support tuning of rules, use-cases, and detection logic
* Lead incident analysis and case development
* Support vulnerability assessment and remediation workflows
* Develop case studies and threat reports
* Guide and support junior analysts
* Collaborate with detection engineering and platform teams
* Support SOC process, tooling, and workflow improvements
Skills & Experience
* 2–4 years in SOC, security operations, or incident response roles
* Hands-on experience with SIEM platforms (QRadar, Sentinel, Splunk or similar)
* Experience working with EDR, SOAR, IDS/IPS, and security monitoring tools
* Strong understanding of TCP/IP, networking, and system fundamentals
* Experience investigating alerts across network, endpoint, and cloud telemetry
* Familiarity with vulnerability management processes
* Linux/Unix fundamentals
* Strong incident documentation and reporting skills
* Ability to operate calmly in high-pressure operational environments