SOC Analyst (L2)

GROUP-IB TSHK

  • Казахстан
  • Постоянная работа
  • Полная занятость
  • 4 д. назад
What makes the role specialIn this role, you will go far beyond simple alert triage — you’ll take full ownership of complex incidents, investigate advanced attacks, and directly contribute to neutralizing threats for international clients. It’s a position that combines deep technical analysis, hands-on response, and mentorship, while giving you a fast track toward senior roles such as L3 Incident Response, Threat Intelligence, Malware Analysis, or Threat Hunting. Along the way, you’ll master advanced security tooling, shape detection logic, and turn your findings into actionable intelligence that strengthens both our team and our clients’ defenses.Tasks to solveInvestigate and respond to complex security incidents escalated from L1.Correlate endpoint, network, and log data to identify root cause and impact.Lead the full incident lifecycle: containment, forensics, remediation, reporting.Conduct malware, phishing, and forensic analysis to uncover attacker techniques.Perform proactive threat hunting and suggest improvements to detection logic.Mentor L1 analysts and create clear incident reports for stakeholders.Requirements1–3 years in SOC (L2) or similar role.Hands-on experience with incident response, forensics, and malware analysis.Strong knowledge of Windows/Linux/Mac artifacts, log and network analysis.Familiarity with MITRE ATT&CK and threat hunting approaches.Experience with SIEM, EDR/XDR, NDR; scripting (Python/PowerShell) is a plus.Strong analytical thinking and ability to work with incomplete data.Clear communication with both technical and business audiences.Ownership, autonomy, and willingness to mentor others.English B2+ for professional communication.Nice to have:Relevant certifications (e.g. GCIH, GCFA, GCFE, GNFA, GREM, eCIR, eCTHP, eCDFP).Why choose Group-IB:
  • Your happiness is important to us. We want every single team member to be happy.
  • Continuing professional development. At Group-IB, you can choose from various paths to growth: progress as an expert, advance to a management position, try your hand in another department, relocate abroad, or launch a new business area at Group-IB.
  • A team with extensive international expertise. Do you have experience but are looking for exciting challenges? By choosing us, you will be choosing complex tasks and continuously improving your skills in a fast-growing international company.
  • Globally recognized technologies. Group-IB's offices are located in seven countries and our products and services are sold in 60 countries. What’s more, Gartner, IDC, and Forrester have ranked our technologies among the best in their class. We work with over 450 international partners and about 500 clients.
  • A culture created by each of us. Group-IB’s employees speak many different languages and understand one another. We respect each other's beliefs, share common values, and strive toward the happiness of every employee.
  • Economic stability. Group-IB's sustainable growth helps rapidly develop careers that would take years to progress as far as most other companies.
What else you should know:
  • Health. If anything goes wrong, don’t worry — we offer health insurance.
  • Certificates and training courses. Group-IB specialists hold over 1,000 professional certificates, including CEH, CISSP, OSCP, GIAC, MCFE, BSI, as well as some rare ones that would be a source of pride for experts in forensics, penetration testing, and reverse engineering worldwide. We have an incentive program that helps employees achieve certifications at the company's expense.
  • Challenges. A wide selection of GIB programs helps you improve soft skills, gain new competencies, and receive monetary rewards.
  • The initiative is rewarded. At Group-IB, you can bring your most daring ideas to life. The company encourages technical blogging, writing articles, building sports teams, and other creative activities.
Sounds like you? Apply now!Group-IB is a partner of INTERPOL, Europol, and a leading cybersecurity and digital identity protection solutions provider.We are protecting the largest organizations and financial institutions worldwide from online fraud, threat actors and scam campaigns. Our work helps secure the lives of over 300 million users of online banking, e-commerce and e-government portals.Our daily routine consists of investigations of cyber fraud cases, deep research on fraud activity, and constant development of solution capabilities and detection mechanisms. We invite you to fight cybercrime together with us!

HeadHunter