This website uses cookies to ensure you get the best experience.

Levi9 Romania and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Meta, Youtube, Linkedin
Skip to main content
Iasi · Hybrid

SOC Analyst (L2)

JOIN OUR TEAM

At Levi Nine we are passionate about what we do. We love our work and together in a team we are smarter and stronger. We work in a dynamic and challenging environment with talented and forward-thinking people who are part of creative and innovative teams. We are looking for skilled team players who make change happen. Are you one of these players?

OUR PARTNER:

Our partner, ABN AMRO Clearing, is a global leader in the domain of clearing, offering access to a wide range of listed instruments on markets across the globe.

IT is at the heart of their organization with more than 30 different product teams and 10 different platform teams that are trying to build the best products & services for their customers.

Their presence in important financial centers like Amsterdam, Chicago, Sydney, Singapore, Tokyo Hong Kong, London, Sao Paulo, Frankfurt and Iasi, allows them to effectively serve clients worldwide and maintain close proximity to their diverse customer base.

THE ROLE INVOLVES:

As a SOC Analyst (L2), you focus on detection engineering and incident investigation, working hands-on with Splunk Enterprise Security.

You contribute to a SOC in a build-up phase, helping shape detection engineering practices, playbooks, and processes.

Detection engineering is your primary focus, while investigations help continuously improve detection quality.

You will also contribute to the adoption of Detection as Code (DaC) practices, where detections are treated as structured, version-controlled, and reusable assets.

You work closely with the Senior L3 Detection Lead to implement detection use cases, improve coverage, and contribute to a structured detection engineering lifecycle.

Responsibilities:

  • Investigate alerts escalated from L1 analysts.

  • Build and improve detection use cases in Splunk ES.

  • Tune alerts to improve quality and reduce false positives.

  • Develop and maintain detection & response playbooks.

  • Apply Detection as Code principles.

  • Contribute to version-controlled detection content.

  • Identify detection gaps and propose improvements.

  • Support threat hunting activities and translate findings into detections.

  • Collaborate with L3 to refine detection logic and standards.

TECHNICAL PLAYGROUND:

  • 3-5 years in SOC / incident response / blue team roles

  • Hands-on experience with SIEM (preferably Splunk ES)

  • Experience handling Tier 2 investigations

  • Strong understanding of detection engineering and use case development

  • Familiarity with MITRE ATT&CK framework

  • Ability to analyze logs across endpoint, network, and cloud environments

  • Comfortable working in a build-up environment, where processes and standards are still being established.

NICE TO HAVE:

  • Certifications such as the following would be desirable but not mandatory: GCIH, GDAT, GCDA, GISP, OSDA, CCFR, SC-900, SC-200, Splunk

  • Basic automation/scripting experience

  • Interest in detection engineering frameworks and best practices

  • A keen interest in cyber security and a desire to learn more and improve the current way of working

  • Relevant university degree in Computer Science, Engineering, or a related field

SOFT SKILLS:

  • Fluent English, with good written and verbal communication skills

  • Strong analytical and investigative mindset

  • Ability to work under pressure

  • Clear communication and structured documentation

  • Proactive and improvement-driven approach

Locations
Iasi
Remote status
Hybrid
Technologies
Splunk, MITRE, Cybersecurity, SOC
Seniority level
Medior, Senior

Current job openings

More jobs

Iasi

About Levi9 Romania

Levi9 is a nearshore technology service provider with around 1000 employees and 50+ customers. We specialize in custom made business IT – 95% of our work is on the revenue side of our customers. This is where time to market, high productivity, stable team velocity, and great quality through automation, agility, intensive interaction and understanding matter most.

Co-workers 1000
Iasi · Hybrid

SOC Analyst (L2)

Loading application form

Already working at Levi9 Romania?

Let’s recruit together and find your next colleague.

Applicant tracking system by Teamtailor