SOC Analyst, Level 2


CallTek

5001 - 10000 employees

Founded 2008

B2B • Telecommunications • Healthcare Insurance

CallTek is a global leader in white-label technical support and business process outsourcing (BPO) services for technology operators and service providers. With over 19 years of experience, they offer a wide range of solutions including Technology as a Service (TaaS), field service management, network operations center (NOC) support, and remote patient monitoring. CallTek specializes in serving industries such as hospitality, healthcare, and multi-family housing by providing seamless on-site and remote technical support, project management, and customer service. Their extensive network of over 6,000 customer support agents offers 24/7 support in multiple languages, making them a trusted partner in amplifying business operations.

📋 Description

• Take escalations from L1 and perform in-depth investigations: hypothesis-driven analysis, evidence validation, scoping, impact assessment, and timeline building.
• Correlate telemetry across endpoint (EDR), Windows/Linux, AD, firewall/proxy/DNS/IDS, and (when applicable) cloud logs.
• Recommend and/or coordinate containment actions (host isolation, credential resets, IOC blocks, temporary control changes) following change control and governance.
• Determine severity and communicate clearly in English to technical stakeholders; provide concise executive-style updates when required.
• Identify detection gaps and drive improvements: reduce false positives, close false negatives, propose new rules/use cases.
• Ensure evidence integrity and proper documentation, coordinate handoffs with IR, IT Ops, Network, and Cloud teams.
• Produce post-incident deliverables: probable root cause, lessons learned, and preventive actions.

🎯 Requirements

• 2–5 years in SOC/IR/Blue Team (or equivalent demonstrated incident-handling experience). Solid fundamentals in networking: TCP/IP, DNS, HTTP/S, VPN, NAT.
• EDR investigations (process trees, persistence, LOLBins behavior, containment workflows).
• Windows/AD triage (authentication patterns, suspicious logon behavior, account activity) and Linux triage.
• Network analysis and security controls (firewall/IDS/proxy/DNS), recognizing anomalous patterns.
• Proven ability to produce defensible scoping and timelines based on evidence.
• High documentation standards and the ability to perform under pressure.
• Threat hunting experience and MITRE ATT&CK mapping.
• Detection engineering exposure (Sigma/YARA at a basic/intermediate level), use-case design, and SIEM correlation strategy.
• Basic forensics capabilities (acquisition concepts, triage artifacts, memory/disk fundamentals).
• Certifications aligned to Blue Team / IR (e.g., GCIH/GCIA, BTL2, SC-200, etc.).
• Strong spoken and written English (B2-High/C1 preferred) — able to lead technical calls, write incident summaries, and investigation notes.
