Security Intelligence And Analytics SOC Level 3

The Role

The Security Analyst – SOC Operations (Level 2) is responsible for advanced monitoring, investigation, and response to cybersecurity incidents within a Private 5G Security Operations Center. This role performs in-depth analysis of incidents escalated from Level 1, leads root cause investigations, and supports the continuous security and resilience of 4G/5G RAN and Core networks. The position plays a critical role in strengthening detection capabilities, improving response processes, and ensuring uninterrupted and secure network operations.

Duties and Responsibilities

• Conduct detailed analysis of security incidents escalated by L1 SOC analysts.
• Perform root cause analysis and advanced investigations to determine scope, impact, and threat vectors.
• Respond to, contain, and remediate security incidents while minimizing operational and service impact.
• Utilize advanced security tools and techniques to analyze, investigate, and mitigate threats.
• Collaborate with internal and external teams to implement corrective and preventive security controls.
• Document incident findings, actions taken, and lessons learned in accordance with SOC procedures.
• Provide recommendations for improving incident response playbooks and 5G-specific security procedures.
• Maintain strong working knowledge of 4G/5G protocols, signaling flows, and architectures for RAN and Core.
• Provide technical guidance, mentoring, and on-the-job training to L1 SOC analysts.
• Monitor evolving threat landscapes, vulnerabilities, and technologies impacting 5G environments.
• Support and maintain the 5G SOC operations lab.
• Ensure the ongoing integrity, availability, and security of 5G RAN and Core network environments.

Requirements

• Bachelors degree in Computer Science, Information Security, or a related discipline.
• Strong understanding of TCP/IP, OSI Seven Layer Model, and diverse network architectures.
• Strong knowledge of cybersecurity principles and 4G/5G technologies.
• Hands-on experience with security tools including SIEM, SOAR, IDS/IPS, and forensic analysis tools.
• Proven ability to conduct advanced investigations, including malware analysis and threat containment.
• Experience working in 4G/5G Security Operations environments.
• Experience in ISP or telecom environments is a strong advantage.
• Hands-on experience with Splunk and Microsoft Sentinel.
• Experience across IT and OT environments.
• Strong analytical, problem-solving, documentation, and communication skills.
• Ability to work under pressure and respond effectively to security incidents.
• Industry certifications are preferred, including CompTIA Security+, CSA, CCNA CyberOps, CySA+, GCIH, BTL1, MITRE ATT&CK Defender (MAD), and Splunk / Microsoft Sentinel certifications.