L2 Security Analyst (Mid-Level)

Cybersecurity | Full-time | Remote | Shift-based

Why Work Here

You'll be part of a growing security operations team defending real client environments. This isn't a passive monitoring role — you'll investigate, respond, and improve. If you want hands-on security experience across multiple industries and threat landscapes, this is the place.

Role Summary

As an L2 Security Analyst, you'll investigate and respond to security incidents, manage SIEM and EDR platforms, and support clients with threat detection, vulnerability management, and compliance. You'll play a critical role in keeping client environments secure and resilient.

Key Responsibilities

Monitor, triage, and investigate security alerts from SIEM and EDR platforms
Perform incident response activities including containment, eradication, and recovery support
Conduct vulnerability assessments and work with clients to prioritise remediation
Manage and tune security tooling (e.g., Microsoft Sentinel, Defender for Endpoint, CrowdStrike)
Support clients with compliance-related security requirements (Cyber Essentials, ISO 27001, etc.)
Produce clear incident reports and security recommendations for both technical and non-technical audiences
Participate in threat hunting and proactive detection engineering
Contribute to the development of SOC playbooks, runbooks, and response procedures

Required Experience & Skills

2–4 years of experience in a SOC, security operations, or cybersecurity analyst role
Hands-on experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, or similar)
Experience with EDR tools (e.g., Defender for Endpoint, CrowdStrike, SentinelOne)
Solid understanding of common attack vectors, the MITRE ATT&CK framework, and incident response processes
Familiarity with vulnerability management tools and processes
Strong analytical and problem-solving skills — you think critically under pressure
Clear communicator — able to write incident reports and explain findings to non-technical stakeholders
Relevant certifications are a plus (e.g., SC-200, CompTIA CySA+, BTL1, CEH) but not required

What Success Looks Like

Alerts are triaged quickly and accurately, with minimal false positive noise
Incidents are handled professionally with clear communication and documentation
Clients feel confident in the security posture you help maintain
You contribute to improving detection capabilities and SOC maturity over time

At Core Innovate, we hire for mindset, capability, and values. If you take ownership, value teamwork, and deliver excellence, you'll fit in well here.