L2 OT/IT SOC Analyst (Nazoomi & Palo Alto Cortex)

About the role

The L2 OT/IT SOC Analyst will provide advanced monitoring, investigation, threat hunting and platform management across operational technology (OT) and information technology (IT) environments. Acting as the escalation point for L1 analysts, this role ensures timely detection and response to security threats while coordinating with L3 specialists when needed.

Key responsibilities

• Investigate and qualify L2 incidents escalated from L1, performing contextual analysis.
• Proactively monitor and hunt for threats using IOCs and threat intelligence.
• Manage and fine‑tune security platforms (Nazoomi, Palo Alto Cortex XDR/XSOAR) to detect and respond to incidents.
• Design, deploy and maintain SIEM correlation rules and update the SOC knowledge base.
• Provide mitigation recommendations and support client incident notifications.
• Escalate complex cases to Level 3 and assist with major incident response.
• Contribute to periodic reporting (weekly, monthly, quarterly) on attacks and unusual activity.

Required profile

• Proven experience in SOC operations with L2 incident handling and escalation management.
• Strong background in SIEM/EDR alert triage, validation and threat hunting.
• Ability to work in a KPI‑driven, 24 × 7 SOC environment.
• Experience collaborating with vulnerability management and broader security stakeholders.

Required skills

• Nazoomi (OT security monitoring)
• Palo Alto Cortex XDR
• Palo Alto Cortex XSOAR
• SIEM platforms
• EDR tools
• Threat Intelligence and IOCs
• Correlation rule design and detection engineering