Jobs · remotefirstjobs
L2 Security Analyst
Ironwood Digital · Remote · Posted 16d ago
About the role
Provide incident validation and response recommendations as a Level 2 SOC Analyst.
Company Description Accesa is a leading technology company headquartered in Cluj-Napoca, with offices in Oradea and 20 years of experience in turning business challenges into opportunities and growth. A value-driven organisation, it has established itself as a partner of choice for major brands in Retail, Manufacturing, Finance, and Banking. It covers the complete digital evolution journey of its customers, from ideation and requirements setup to software development and managed services solutions. With more than 1,200 IT professionals, Accesa also has a fast-growing footprint, establishing itself as an employer of choice for IT professionals who are passionate about problem-solving through technology. Coming together in strong tech teams with a customer-centric approach, they enable businesses to grow, delivering value for our clients, partners, industry, and community. Job Description About the Team & Culture You will be joining a team that operates as consultants and partners to our clients, helping them innovate their existing processes and tools. We are focused on efficiency, strong communication, and sustainable learning paths. You will have an impact on the project’s evolution and the chance to contribute your own ideas to build successful client relationships. The Role We are looking for a SOC Analyst - Level 2 with strong experience in deeper investigation, incident validation, response recommendations, targeted hunting, and hands-on guidance for the analysts around them. This is the escalation and deeper-investigation analyst lane. It is expected to take technically demanding cases further than the Level 1 lane, improve case quality across the team, and help shape practical service improvements. It is not a baseline architecture role, and it is not the default owner of recurring detection content or day-to-day platform administration. This role includes scheduled weekly on-call escalation coverage outside normal working or rota hours, according to the agreed service process. Key Responsibilities Operations (Threat Detection & Incident Response) Lead the investigation of higher-severity, ambiguous, or fast-moving incidents across available security telemetry and case evidence Determine likely root cause, affected identities and assets, probable scope, and the next actions that matter most Use targeted hunting and hypothesis-testing workflows to validate suspicious activity and uncover related activity that is not obvious from the initial alert Produce clear investigation records and evidence-based response recommendations that support timely decision-making through the customer approval path Support clear customer-facing incident handling by turning technical findings into usable evidence summaries and next-step recommendations within the defined case path Review escalations from Level 1 analysts and help move difficult cases forward without unnecessary reinvention Provide scheduled weekly on-call escalation support according to the agreed service process • identify visibility gaps, weak alert context, and recurring investigative friction that should feed into detection tuning, playbook refinement, or workflow improvement Propose practical automation ideas where repetitive investigation work can be made faster or more consistent Support the technical growth of other analysts through case guidance, review, and operationally useful feedback Qualifications Required Skills: Strong hands-on experience in SOC, MDR, or incident-response work Practical depth in investigation across endpoint, identity, email, cloud, network, and case evidence Strong analytical skills for investigation, hunting, and validating suspicious activity Ability to assess scope, impact, and urgency in higher-severity cases Ability to produce evidence-based recommendations and clear escalation or response records Strong written and verbal communication in English Ability to guide Level 1 analysts through technically difficult casework Willingness and ability to participate in weekly on-call escalation coverage Responsible AI literacy, including the ability to use approved AI-assisted workflows cautiously, validate outputs against source evidence, avoid entering customer-sensitive data into unapproved or public AI tools, and avoid treating AI output as evidence, approval, or authority Ability to challenge weak AI-assisted analysis from others when it skips evidence validation, creates false confidence, or exceeds the approved operating model Regular use of AI tools to improve productivity, automate or reduce repetitive work, support decision-making, and deliver higher-quality outcomes. Ability to use AI tools responsibly by structuring effective prompts, critically validating outputs, understanding limitations, and taking ownership of the final result. Soft Skills: Consultative Approach: Ability to explain technical risks to non-technical business stakeholders. Communication: Excellent written and verbal communication in English (Germ
Read the full posting on remotefirstjobs →
FAQ
Is the L2 Security Analyst role at Ironwood Digital remote?+
This L2 Security Analyst position is listed as remote (Remote).
What is the salary for the L2 Security Analyst role at Ironwood Digital?+
The listing states Estimated 131k-280k USD.
What seniority level is this L2 Security Analyst role?+
This is a unknown level position.
How do I apply for the L2 Security Analyst role at Ironwood Digital?+
Use the "Apply on remotefirstjobs" button to open the original posting on remotefirstjobs, where you can submit your application directly to Ironwood Digital.