Security Analyst SOC Operations

The Role

The Security Analyst SOC Operations (Level 2) is responsible for advanced monitoring investigation and response to cybersecurity incidents within a Private 5G Security Operations Center. This role performs in-depth analysis of incidents escalated from Level 1 leads root cause investigations and supports the continuous security and resilience of 4G/5G RAN and Core networks. The position plays a critical role in strengthening detection capabilities improving response processes and ensuring uninterrupted and secure network operations.

Duties and Responsibilities

• Conduct detailed analysis of security incidents escalated by L1 SOC analysts.

• Perform root cause analysis and advanced investigations to determine scope impact and threat vectors.

• Respond to contain and remediate security incidents while minimizing operational and service impact.

• Utilize advanced security tools and techniques to analyze investigate and mitigate threats.

• Collaborate with internal and external teams to implement corrective and preventive security controls.

• Document incident findings actions taken and lessons learned in accordance with SOC procedures.

• Provide recommendations for improving incident response playbooks and 5G-specific security procedures.

• Maintain strong working knowledge of 4G/5G protocols signaling flows and architectures for RAN and Core.

• Provide technical guidance mentoring and on-the-job training to L1 SOC analysts.

• Monitor evolving threat landscapes vulnerabilities and technologies impacting 5G environments.

• Support and maintain the 5G SOC operations lab.

• Ensure the ongoing integrity availability and security of 5G RAN and Core network environments.

Requirements

• Bachelors degree in Computer Science Information Security or a related discipline.

• Strong understanding of TCP/IP OSI Seven Layer Model and diverse network architectures.

• Strong knowledge of cybersecurity principles and 4G/5G technologies.

• Hands‑on experience with security tools including SIEM SOAR IDS/IPS and forensic analysis tools.

• Proven ability to conduct advanced investigations including malware analysis and threat containment.

• Experience working in 4G/5G Security Operations environments.

• Experience in ISP or telecom environments is a strong advantage.

• Hands‑on experience with Splunk and Microsoft Sentinel.

• Experience across IT and OT environments.

• Strong analytical problem‑solving documentation and communication skills.

• Ability to work under pressure and respond effectively to security incidents.

• Industry certifications are preferred including CompTIA Security CSA CCNA Cyber

Ops CySA GCIH BTL1 MITRE ATT&CK Defender (MAD) and Splunk / Microsoft Sentinel certifications.