<div><strong>Task and Responsibilities:</strong></div><div><br></div><ul><li>Security Incident Monitoring: Continuously monitor security alerts, logs, and events generated by SIEM systems and other security tools to detect and investigate security incidents;</li><li>Incident Triage: Prioritize and escalate security incidents based on their severity and potential impact;</li><li>Incident Investigation: Conduct in-depth investigations into security incidents, including identifying the scope, impact, and root causes;</li><li>Threat Intelligence: Utilize threat intelligence feeds to stay informed about emerging threats and adapt security measures accordingly;</li><li>Incident Response: Develop and execute incident response plans, including containment, eradication, and recovery activities;</li><li>Microsoft Defender for Endpoint: Utilize in-depth knowledge of Microsoft Defender for Endpoint to analyze and respond to endpoint security incidents, including endpoint detection and response (EDR) capabilities;</li><li>Collaboration: Collaborate with L1 and L3 security teams and any other stakeholders to coordinate and execute incident response efforts;</li><li>MITRE ATT&amp;CK Framework: Apply expertise in the MITRE ATT&amp;CK framework to understand adversary tactics, techniques, and procedures (TTPs) and adapt security measures accordingly.</li></ul><div><br></div><div><strong>Job Requirements:</strong></div><div><br></div><ul><li>A university degree in a related field;</li><li>At least 2 years of experience in a related field;</li><li>Strong understanding of cybersecurity principles, techniques, and technologies;</li><li>Proficiency in SIEM systems, including creating and maintaining correlation rules, alerts, and reports;</li><li>Proficiency in Microsoft Defender for Endpoint and endpoint security concepts;</li><li>Experience with incident response tools, forensic analysis, and threat intelligence;</li><li>Expertise in the MITRE ATT&amp;CK framework and its application in incident response and threat analysis;</li><li>Ability to work under pressure and respond to security incidents in a timely manner;</li><li>Relevant industry certifications such as Blue Team Level 1 or 2, CompTIA Security+, or CEH are a plus;</li><li>IT background;</li><li>Accuracy and attention to detail;</li><li>Very good communication skills;</li><li>Very good negotiation skills;</li><li style="text-align: justify;">Very good knowledge of English.</li></ul>
Job details

SOC L2 Security Analyst

Competence Center

Get in touch

If you have questions regarding the application process or about your career plans, please contact our career team in the following contact details:

Str. Robert Doll, #99, Prishtinë

+383 38 222 222 (273)