Level 2 SOC Analyst – Cybersecurity Operations

About the role

We are looking for a highly analytical Level 2 Security Operations Center (SOC) Analyst to join our Cyber Trust team in Portugal. You will act as the escalation point for complex security incidents, conducting deep investigations into potential breaches, malware outbreaks, and advanced cyber threats.

Key responsibilities

• Investigate and mitigate complex security incidents escalated from Level 1 analysts, providing thorough technical diagnosis and root‑cause analysis.
• Execute containment strategies, isolate affected systems, apply corrective actions, and track post‑incident activities across servers, networks, and endpoints.
• Author and refine technical documentation, contribute to SOC process optimisation, and enrich the central knowledge base.
• Utilise and orchestrate modern SIEM and SOAR platforms, designing, deploying, and optimising automated response playbooks.

Required profile

• Proven professional experience working in a modern SOC environment as an advanced analyst.
• Solid hands‑on experience operating, querying, and extracting insights from major enterprise SIEM platforms.
• Demonstrated ability to create, tune, and implement custom Use Cases for emerging threat vectors.
• Deep technical understanding and operational experience with SOAR technologies and automated playbooks.
• Relevant certifications such as CEH, BTL1/BTL2, or GIAC (e.g., GCIH, GCIA, GMON) are valued.

Required skills

• SIEM platforms
• SOAR technologies
• Use Case Engineering
• Playbook Development