Security Operations Center (SOC) Analyst – Level 2 (L2)
Accenture Middle East
Date: 1 day ago
City: Riyadh
Contract type: Full time
Job Summary
The SOC L2 Analyst provides advanced security monitoring, incident investigation, and response across client environments. This role requires strong analytical skills, hands‑on experience with SIEM/EDR platforms, and the ability to manage escalated incidents from identification through remediation. The analyst also interfaces with various technical teams, drives improvements in SOC processes, and ensures defensive measures are aligned with emerging threats.
Key Responsibilities
Security Monitoring & Incident Handling
Lead the investigation of security incidents escalated from Level 1, validating initial analysis and identifying missing or inaccurate details.
Manage the full incident lifecycle including identification, triage, containment, remediation, and closure.
Perform in‑depth analysis of security alerts, logs, and events across SIEM, EDR, firewall, network, and cloud telemetry.
Conduct root‑cause analysis, document impact, and provide actionable recommendations.
Support major incidents and complex investigations, ensuring timely and accurate escalation.
Threat Detection & Analysis
Analyze threat campaigns, attacker tactics, techniques, and procedures (TTPs), and extract indicators of compromise.
Identify emerging threats and assess potential impact on client environments.
Tune detection rules, correlation logic, and use cases to enhance accuracy and reduce false positives.
Platform & Tool Expertise
Work with SIEM platforms (such as Splunk ES, QRadar, or equivalent) for advanced event analysis and correlation.
Utilize EDR, IDS/IPS, sandboxing tools, and other SOC technologies to perform comprehensive investigations.
Access and interpret elevated log sources across platforms including firewalls, endpoint logs, cloud services, and DNS telemetry.
Process Adherence & Documentation
Ensure all investigations and evidence are fully documented in case management systems.
Prepare post‑incident analysis reports with observations, lessons learned, and improvement recommendations.
Adhere to SOC processes, SLAs, and quality standards while contributing to their ongoing enhancement.
Collaboration & Communication
Coordinate closely with internal teams including SecOps, Network, Cloud, Platform Engineering, and Threat Intelligence.
Engage resolver teams to support containment or remediation activities as required.
Communicate technical findings clearly to both technical and non‑technical stakeholders.
Required Skills & Qualifications
Experience
4–8 years of experience in SOC operations, security monitoring, and incident response.
Strong experience with SIEM, EDR, intrusion detection systems, and threat analysis tools.
Solid background in network security, log analysis, and event correlation.
Exposure to cloud environments such as AWS, Azure, or Google Cloud.
Technical Expertise
Understanding of network protocols, security architectures, and endpoint behaviors.
Experience in threat hunting, IOC analysis, and basic forensic triage.
Ability to analyze large datasets from multiple telemetry sources.
Certifications (Preferred)
GCIA, GCIH, GREM, CEH, GCFA, CISSP, Security+, or equivalent security certifications.
Soft Skills
Strong written and verbal communication skills.
Ability to work under pressure and manage incidents in high‑volume SOC environments.
Analytical mindset with excellent problem‑solving capabilities and attention to detail.
Why Accenture Security
The role provides exposure to enterprise‑scale environments, complex cyber incidents, and advanced security technologies. SOC L2 Analysts benefit from continuous learning, defined career progression paths, and collaboration with global cybersecurity experts across Accenture’s delivery network.