SOC L2 Analyst

Posted on Feb 17, 2026

Title

SOC L2 Analyst

Apply before

Mar 31, 2026

City

Karachi

Responsibilities

Summary of Job Profile:

The SOC L2 Analyst plays a critical role in the proactive defense of the organization's security posture. This individual will leverage their technical expertise and analytical skills to investigate complex security incidents, identify attack patterns, and implement effective countermeasures. The SOC L2 Analyst serves as an escalation point for Tier 1 analysts and contributes to the continuous improvement of SOC processes and security tools.

Essential Duties & Responsibilities:

· Monitor security events and alerts generated by various security tools (e.g., SIEM, IDS/IPS, EDR) and escalate complex or high-severity incidents as necessary.

· Conduct in-depth analysis of security incidents to determine root cause, scope, and impact.

· Perform threat hunting activities to proactively identify potential security threats that may evade automated detection.

· Implement containment and remediation strategies for security incidents, including isolating affected systems, blocking malicious traffic, and removing malware.

· Analyze malware samples and understand their behavior.

· Develop and refine security incident response procedures and playbooks.

· Collaborate with Tier 1 analysts, providing guidance and support in incident analysis and handling.

· Escalate incidents to Tier 3 analysts or other relevant teams (e.g., IR, Engineering) when necessary.

· Document all incident analysis, containment, and remediation activities in detail.

· Contribute to the tuning and optimization of security tools and alerting rules.

· Stay up to date on the latest cyber threats, attack techniques, and security vulnerabilities, and keep abreast of emerging threat trends.

· Participate in post-incident reviews to identify lessons learned and improve incident response processes.

· Assist in the development and delivery of security awareness training materials.

Requirements

Knowledge, Skills, Abilities (KSAs) required to successfully perform the job:

Knowledge:

· Strong understanding of TCP/IP and other networking protocols.

· In-depth knowledge of common cyber threats, attack vectors, and malware types.

· Familiarity with various security tools and technologies (e.g., SIEM, IDS/IPS, EDR, firewalls, web proxies).

· Understanding of operating system security (Windows, Linux).

· Knowledge of security event analysis and correlation techniques.

· Knowledge of incident response processes and methodologies.

· Awareness of relevant security regulations and compliance standards.

· Understanding of threat intelligence sources and their application.

Skills:

· Proficient in analyzing security logs and identifying malicious activity.

· Strong understanding of network traffic analysis.

· Ability to perform basic malware analysis.

· Skill in using various security tools for incident investigation and response.

· Good understanding of scripting languages (e.g., Python, PowerShell) for automation.

· Ability to work effectively under pressure during security incidents.

Abilities:

· Ability to analyze complex security events and identify root causes.

· Ability to implement effective containment and remediation strategies.

· Ability to correlate data from various security tools to gain a comprehensive understanding of incidents.

· Ability to document security incidents clearly and concisely.

· Ability to learn and adapt to new security threats and technologies.

· Ability to work independently and as part of a team.

· Ability to follow established procedures and guidelines.

Education, Experience, Licensure, Certification required for the position:

· Bachelor's degree in Computer Science, Information Security, or a related field.

· 3-5 years of experience in a Security Operations Center (SOC) environment, with demonstrable experience in incident analysis and response.

· Relevant security certifications such as CompTIA CySA+, Security+, CEH, or vendor-specific certifications (e.g., Splunk Core Certified User/Power User) are desirable.

Competencies required to successfully perform the job:

Technical Competencies:

1. SIEM Analysis & Management

2. Basic Malware Analysis

3. Scripting for Automation (e.g., Python, PowerShell)

4. Network Traffic Analysis

5. Endpoint Detection & Response (EDR) Analysis

Behavioral/General Competencies:

1. Analytical Thinking

2. Problem Solving

3. Communication (verbal and written)

4. Attention to Detail

5. Responsible

Benefits

  • Excellent Salary
  • Fuel Allowance
  • Internet Allowance
  • Medical Insurance
  • Annual Leaves
  • Provident Fund
  • EOBI
  • Annual Bonus