Cybersecurity Jobs List logo

Cybersecurity Jobs List

  1. Home
  2. Jobs
  3. HR
  4. Zagreb
  5. Zagreb
  6. Cybersecurity
  7. Tier 2 SOC Analyst
DI
Divertodiverto.hr

Tier 2 SOC Analyst

Zagreb, Zagreb, Croatia (Hybrid)Full-time2h ago

Key Responsibilities:

  • Analyze and investigate security alerts escalated from Tier 1 analysts to determine root cause, impact, and scope.
  • Perform in-depth incident analysis using SIEM, EDR, network traffic analysis, and log correlation.
  • Validate true positives and classify incidents according to severity, risk, and business impact.
  • Lead containment, eradication, and recovery actions in coordination with IT, IR, and other stakeholders.
  • Create and enrich incident timelines, evidence, and detailed documentation in incident tracking systems.
  • Develop, update, and improve SOC playbooks, detection rules, and escalation procedures.
  • Proactively hunt for threats using threat intelligence, IOCs, and behavioral indicators.
  • Tune SIEM and EDR alerts to reduce false positives and improve detection accuracy.
  • Mentor and provide guidance to Tier 1 analysts during investigations and shift operations.
  • Participate in incident response drills, tabletop exercises, and post-incident reviews.
  • Assist in creating reports, metrics, and dashboards for SOC leadership and stakeholders.
  • Stay current with emerging threats, attack techniques, and defensive strategies.
  • Support shift handovers and ensure continuity of investigations across teams.
  • Strong understanding of networking concepts: TCP/IP, DNS, HTTP/S, VPNs, firewalls, proxies.
  • Solid experience with Windows and Linux systems, including log analysis and command-line tools.
  • Working knowledge of malware behavior, phishing campaigns, credential abuse, and exploitation techniques.
  • Hands-on experience with SIEM platforms (Splunk, QRadar, Microsoft Sentinel, etc.).
  • Experience using EDR/XDR tools (Defender, CrowdStrike, SentinelOne, etc.).
  • Familiarity with packet capture and network analysis tools (Wireshark, Zeek, tcpdump).
  • Understanding of cybersecurity frameworks and methodologies (MITRE ATT&CK, NIST, kill chain).
  • Basic scripting or query skills (KQL, SPL, SQL, Python, PowerShell) preferred.

Soft Skills:

  • Strong analytical thinking and investigative mindset.
  • Ability to manage multiple incidents in a fast-paced SOC environment.
  • Clear and effective communication with technical and non-technical stakeholders.
  • Attention to detail and strong documentation habits.
  • Collaborative mindset with a willingness to mentor junior analysts.
  • Proactive attitude toward continuous improvement and learning.

What we offer: 

  • Growth in an open-minded culture with very little hierarchical macrostructure.
  • Opportunity to achieve your biggest potential and development in your area of responsibility.
  • Continuous development and advancement through industry-relevant certifications and internal/external training/workshops.
  • Challenging local and global projects involving current solutions.
  • Learning and sharing experiences with well-known and respected experts in the field of information/cybersecurity. • Positive, motivating, international work environment.
  • Hybrid work – office work + possibility of working from home by agreement.
  • Flexible working hours.
  • Additional and supplementary health insurance packages.
  • Monthly fee for transportation.
  • Multisport membership.
  • Pet-friendly office.
  • Social events and team bonding gatherings.

Wherever our customers are in the world, we help them digitalise and optimise their remote business processes using advanced hybrid network solutions and digital technologies. At Marlink, we empower our customers worldwide by helping them digitalize and optimize their remote operations through advanced hybrid network solutions and cutting-edge digital technologies. Our teams operate globally, harnessing innovation, expertise, and applied technology to connect systems and people, driving success in today’s digital-first world. With 1,500 employees in over 30 countries, and customers in the maritime, energy, and government sectors, we push boundaries to deliver excellence. 
The Tier 2 SOC Analyst is responsible for advanced investigation, analysis, and response to security incidents escalated from Tier 1. This role focuses on validating threats, conducting deeper forensic analysis, coordinating incident response actions, and improving SOC detection and response capabilities. Tier 2 analysts act as a technical escalation point and mentor Tier 1 analysts while helping mature SOC processes and playbooks.

Categories

Cybersecurity
Incident Response
Information Security
Security Operations
SOC Analyst

Skills

CrowdStrike
EDR
Incident Response
KQL
Linux
Microsoft Defender
MITRE ATT&CK
PowerShell
Python
SentinelOne
SIEM
Splunk
TCP/IP
Threat Hunting
Wireshark