Level 2 SOC Analyst – Cybersecurity Operations

About the role

Devoteam Cyber Trust is looking for a highly analytical Level 2 Security Operations Center (SOC) Analyst to join its Portuguese team. You will act as the escalation point for complex security incidents, conducting deep investigations into potential breaches, malware outbreaks, and advanced cyber threats while bridging real‑time defense with security architecture.

Key responsibilities

• Investigate and mitigate complex incidents escalated from Level 1 analysts, providing thorough technical diagnosis and root‑cause analysis.
• Execute containment, system isolation, corrective actions, and post‑incident tracking across servers, networks, and endpoints.
• Author and refine technical documentation, improve SOC processes, and enrich the centralized knowledge base.
• Utilise and orchestrate modern SIEM and SOAR platforms, designing, deploying, and optimising automated response playbooks.

Required profile

• Proven experience working in a modern SOC environment as an advanced analyst.
• Hands‑on expertise with enterprise SIEM platforms, including query and insight extraction.
• Demonstrated ability to create, tune, and implement custom Use Cases for evolving threat vectors.
• Direct operational experience with SOAR technologies and playbook development.
• Relevant certifications such as CEH, BTL1/BTL2, or GIAC (GCIH, GCIA, GMON) are valued.

Required skills

• SIEM platforms
• SOAR automation
• Use Case Engineering
• Playbook Development
• CEH (Certified Ethical Hacker)
• BTL1 / BTL2 (Blue Team Level 1 or 2)
• GIAC certifications (GCIH, GCIA, GMON)