JobStash Logo
Search...

SOC Analyst Level 2

3 weeks agoSeniorUS, Barcelona, Brussels, London, Paris, BerlinRemoteFull TimeCybersecurityJobs by Keyrock

Skills

Detection EngineeringDefenderCrowdstrikeElasticNetworkIncident ResponseBashTelemetryEdrPythonIdentity And Access ManagementKubernetesCloud SecuritySplunkSiemDfirSocSentinelThreat IntelligenceSoar

About the Role

You will act as the escalation point for complex investigations and active incidents. You will lead technical triage for high-severity alerts, perform deep log and telemetry analysis across SIEM, EDR, cloud logs, IAM signals, network telemetry and SaaS audit trails, and produce clear incident timelines. You will execute containment and eradication steps, coordinate evidence collection for legal or compliance needs, tune detections and alerting, improve and automate runbooks, and mentor Level 1 analysts while driving post-incident learnings into better controls.

Requirements

  • 2–5+ years of SOC, incident response or security operations experience
  • Proficiency with at least one SIEM and common SOC tooling (e.g., Splunk, Elastic, Sentinel)
  • Experience with EDR solutions (e.g., CrowdStrike, Defender)
  • Strong ability to investigate across cloud security operations, endpoint security, identity and network fundamentals
  • Ability to write clear incident documentation including timelines, scope and containment actions
  • Comfort operating in an on-call or shift environment
  • Detection engineering experience (correlation rules, Sigma, KQL, SPL) — preferred
  • DFIR fundamentals and endpoint artifact analysis — preferred
  • Practical scripting for analysis and automation (Python, Bash) — preferred
  • Container and Kubernetes logging and runtime security exposure — preferred

Responsibilities

  • Investigate complex multi-signal alerts and produce incident timelines
  • Perform deep log and telemetry analysis across SIEM, EDR, cloud, IAM, network and SaaS logs
  • Lead technical incident response and drive containment and eradication actions
  • Coordinate evidence collection and preservation for legal and compliance needs
  • Tune SIEM correlation rules, EDR policies and alert thresholds
  • Develop and implement new detections and SOAR automation
  • Maintain threat watchlists and map adversary tradecraft to detection logic
  • Mentor Level 1 analysts and manage shift handovers
  • Improve runbooks and drive post-incident remediation and lessons learned
Keyrock logo
Keyrock
Brussels, BE
200 Employees

Funding

Series B ($72M)Series A ($5M)

Investors

RippleSIX FinTech VenturesMiddlegame VenturesVolta VenturesTNN Capital
View jobs by Keyrock

Similar Jobs

Bebop

Backend Developer

Bebop · 14 hours ago

Wave Mobile Money Inc.

Endpoint Engineer

Wave Mobile Money Inc. · 1 day ago

Matter Labs

Senior Infrastructure Security Engineer

Matter Labs · 1 week ago

Matter Labs

Protocol Security Engineer

Matter Labs · 1 week ago

Paxos

Engineering Manager, Cloud Security

Paxos · 3 weeks ago