L2 SOC Analyst

As a SOC Analyst Level 2 specializing in Operational Technology (OT) environments, your primary role is to handle escalated security incidents, collaborate with platform teams, and enhance threat detection logic across OT systems. Your focus will be on supporting incident response and improving fidelity, particularly within platforms like Nozomi Networks and Microsoft Sentinel. **Key Responsibilities:** - Provide incident handling and escalation support for critical incidents, especially from the Nozomi platform - Advise on security issue isolation and recommend remediation strategies - Lead incident response and threat containment activities in OT environments - Collaborate with the Nozomi platform team to fine-tune rules and reduce noise in Sentinel - Create and maintain playbooks for automating incident response related to Nozomi incidents - Enhance threat detection logic and perform false positive tuning to improve quality **Required Skills & Qualifications:** - Experience in SOC operations, particularly in OT environments - Hands-on knowledge of Nozomi Networks and Microsoft Sentinel platforms - Familiarity with incident response workflows, playbook creation, and tuning - Strong analytical and problem-solving skills - Ability to work in a 24x7 operational environment and collaborate across teams - Good communication skills and attention to detail **About UST:** UST is a global digital transformation solutions provider that has been partnering with leading companies worldwide for over 20 years. With a focus on innovation and agility, UST embeds technology and purpose-driven solutions into their clients' organizations. With over 30,000 employees across 30 countries, UST aims to make a real impact through transformation, touching billions of lives in the process. As a SOC Analyst Level 2 specializing in Operational Technology (OT) environments, your primary role is to handle escalated security incidents, collaborate with platform teams, and enhance threat detection logic across OT systems. Your focus will be on supporting incident response and improving fidelity, particularly within platforms like Nozomi Networks and Microsoft Sentinel. **Key Responsibilities:** - Provide incident handling and escalation support for critical incidents, especially from the Nozomi platform - Advise on security issue isolation and recommend remediation strategies - Lead incident response and threat containment activities in OT environments - Collaborate with the Nozomi platform team to fine-tune rules and reduce noise in Sentinel - Create and maintain playbooks for automating incident response related to Nozomi incidents - Enhance threat detection logic and perform false positive tuning to improve quality **Required Skills & Qualifications:** - Experience in SOC operations, particularly in OT environments - Hands-on knowledge of Nozomi Networks and Microsoft Sentinel platforms - Familiarity with incident response workflows, playbook creation, and tuning - Strong analytical and problem-solving skills - Ability to work in a 24x7 operational environment and collaborate across teams - Good communication skills and attention to detail **About UST:** UST is a global digital transformation solutions provider that has been partnering with leading companies worldwide for over 20 years. With a focus on innovation and agility, UST embeds technology and purpose-driven solutions into their clients' organizations. With over 30,000 employees across 30 countries, UST aims to make a real impact through transformation, touching billions of lives in the process.