L2 Cyber Security Engineer

• Monitor security alerts and events from SIEM, IDS/IPS, Firewalls, Endpoint Security, and other monitoring tools.
• Perform initial triage, validation, and categorization of security incidents.
• Escalate confirmed incidents to L2/L3 security teams as per SOPs.
• Track and document incidents, ensuring proper logging in the ticketing system.
• Conduct basic malware analysis and phishing email investigation.
• Apply playbooks for incident handling and ensure SLA compliance.
• Support vulnerability management activities with scanning, reporting, and follow-ups.
• Provide shift handover reports and contribute to daily security operations.
• Stay updated with the latest cyber threats, attack techniques, and security advisories.

• Bachelor s degree in Computer Science, Information Security, or related field.
• Strong understanding of cybersecurity fundamentals (CIA triad, security layers, attack vectors).
• 1 2 years of relevant experience in cybersecurity monitoring, SOC, or IT security operations.
• Knowledge of SIEM tools (Splunk, QRadar, ArcSight, Azure Sentinel, etc.).
• Familiarity with Firewalls, IDS/IPS, Antivirus, and Endpoint Detection tools.
• Understanding of TCP/IP, DNS, HTTP, VPN, and other network protocols.
• Ability to analyze logs and recognize anomalous behavior.
• Good communication skills for reporting and coordination.
• Willingness to work in rotational shifts (24x7 SOC environment).
• Security certifications preferred (CompTIA Security+, CEH, CCNA Security, Splunk Fundamentals)

Teknowiz