
About this SOC Analyst L2 role at CallTek

CallTek · Remote · Philippines

As a SOC Analyst L2, you will lead deeper investigations of escalated cases, confirm incidents, determine scope and impact, drive containment actions with internal teams, and produce high-quality technical communications and post-incident outputs. You will also contribute to detection improvement (tuning, new detections, playbook updates).

Responsibilities:

  • Take escalations from L1 and perform in-depth investigations: hypothesis-driven analysis, evidence validation, scoping, impact assessment, and timeline building.
  • Correlate telemetry across endpoint (EDR), Windows/Linux, AD, firewall/proxy/DNS/IDS, and (when applicable) cloud logs.
  • Recommend and/or coordinate containment actions (host isolation, credential resets, IOC blocks, temporary control changes) following change control and governance.
  • Determine severity and communicate clearly in English to technical stakeholders; provide concise executive-style updates when required.
  • Identify detection gaps and drive improvements: reduce false positives, close false negatives, propose new rules/use cases.
  • Ensure evidence integrity and proper documentation, coordinate handoffs with IR, IT Ops, Network, and Cloud teams.
  • Produce post-incident deliverables: probable root cause, lessons learned, and preventive actions.

Requirements:

  • 2–5 years in SOC/IR/Blue Team (or equivalent demonstrated incident-handling experience).
  • Solid fundamentals in networking: TCP/IP, DNS, HTTP/S, VPN, NAT.
  • EDR investigations (process trees, persistence, LOLBins behavior, containment workflows).
  • Windows/AD triage (authentication patterns, suspicious logon behavior, account activity) and Linux triage.
  • Network analysis and security controls (firewall/IDS/proxy/DNS), recognizing anomalous patterns.
  • Proven ability to produce defensible scoping and timelines based on evidence.
  • High documentation standards and the ability to perform under pressure.
  • Threat hunting experience and MITRE ATT&CK mapping.
  • Detection engineering exposure (Sigma/YARA at a basic/intermediate level), use-case design, and SIEM correlation strategy.
  • Basic forensics capabilities (acquisition concepts, triage artifacts, memory/disk fundamentals).
  • Certifications aligned to Blue Team / IR (e.g., GCIH, GCIA, BTL2, SC-200).
  • Strong spoken and written English (B2-High/C1 preferred) — able to lead technical calls, write incident summaries, and investigation notes.

About CallTek

CallTek is a leading provider of comprehensive back-office support services, empowering businesses to thrive in today’s dynamic market. With over 20 years of experience and a global workforce of 8,000 professionals, we specialize in offering tailored solutions that drive efficiency, innovation, and growth.
