
L2 Security Analyst (Splunk & Google Technologies)

Description

We are seeking a highly skilled L2 Security Analyst to join our dynamic Security Operations Center (SOC). In this role, you will be the technical escalation point for L1 analysts, responsible for advanced incident investigation, threat hunting, and security engineering within a hybrid environment. You will leverage your deep expertise in Splunk Enterprise Security, Google Chronicle, and Google Cloud Security Command Center (SCC) to detect, analyze, and respond to sophisticated cyber threats. This position is crucial for driving operational resilience by ensuring rapid response to alerts, continuously improving detection logic, and automating repetitive security tasks. You will perform proactive threat hunts, develop custom correlation searches, and create SOAR playbooks to enhance our security posture. Your contributions will directly impact our ability to protect critical on-premise and cloud infrastructures against emerging threats.

Requirements

1. Strong hands-on experience with Splunk Enterprise Security (ES), including advanced SPL queries and correlation search development.

2. Expertise in Google Chronicle SIEM and Google Cloud Security Command Center (SCC) for threat analysis.

3. Proven experience in L2 incident response, including root-cause analysis, containment, and eradication.

4. Demonstrated ability to perform proactive threat hunting using SIEM and EDR data.

5. Experience with SOC automation using Splunk SOAR (Phantom) or scripting languages like Python, PowerShell, or Bash.

6. Familiarity with operating and tuning EDR solutions such as Trellix EDR or Microsoft Defender for Endpoint.

7. Solid understanding of the MITRE ATT&CK framework and its application in detection engineering.

8. Working knowledge of cloud security principles and network protocols (TCP/IP, DNS, HTTP/S).

Desirable

1. Experience with BigQuery analytics for security use cases.

2. Relevant certifications such as Splunk Certified Power User/ES Analyst, Google Cloud Certified Security Engineer, or GCIH.

3. Experience mentoring junior analysts and tuning security use cases to reduce false positives.

4. Familiarity with compliance frameworks like ISO 27001, QCB, or NIA.

5. Knowledge of threat intelligence platforms (e.g., MISP) and integrating IoCs into detection tools.

Getting Started

A few quick details so we know how to reach you

How did you hear about us? *

Which country's passport do you hold? *

Email * (Please ensure the email matches the one mentioned in your CV or resume)

LinkedIn Profile URL *

Please mention your notice period *

Let’s Get to Know You Better

A few short questions to understand your experience and what you enjoy doing

1. Do you have at least 3 years of hands-on experience creating custom SPL correlation searches in Splunk Enterprise Security? *

2. Have you used Google Chronicle and Google Cloud Security Command Center (SCC) in a professional SOC environment for incident investigation? *

3. Do you have experience developing or maintaining automation playbooks in a SOAR platform like Splunk Phantom? *

4. Have you been responsible for the full L2 incident response lifecycle, from L1 escalation to L3 handover? *

5. Do you have experience writing scripts for security automation using Python, PowerShell, or Bash? *

6. Do you currently hold an active certification in either Splunk (e.g., Power User, ES Analyst) or Google Cloud (e.g., Security Engineer)? *

Final Details

Salary expectations and any supporting credentials

1. Where does your salary sit today (so we can help it move up tomorrow)? *

Enter your monthly salary in your local currency

2. What’s the number that’ll make you say "this is worth it"? *

Per month, in the currency mentioned

Upload Resume

Help us get to know you better by sharing your most recent resume