Job description
Company description:
Omniaccess is a leading Managed Security Service Provider (MSSP) specialized in delivering advanced cybersecurity solutions to the maritime industry. With a global footprint and 24/7 operations, we protect over 1,800 vessels worldwide, offering centralized monitoring, threat detection, incident response, and compliance support tailored to the unique challenges of the maritime environment. Our services are designed to secure vessel operations, onboard systems, and critical infrastructure, ensuring business continuity and resilience against evolving cyber threats.
Our team is composed of passionate cybersecurity professionals dedicated to innovation, operational excellence, and customer success. As a trusted partner to shipowners, operators, and maritime technology providers, we combine deep sector expertise with state-of-the-art tools and processes to deliver reliable, efficient, and scalable managed security services. Joining us means being part of a mission-driven organization that plays a key role in safeguarding global maritime operations.
Description of functions:
The SOC L2 Engineer is responsible for advanced threat detection, incident response, and security monitoring activities. This position acts as the escalation point for SOC L1 Analysts and plays a key role in investigating and containing cybersecurity threats in real time. The engineer collaborates with threat intelligence, incident response, and engineering teams to strengthen detection capabilities and improve response workflows.
You will be using cutting-edge technologies to move the cybersecurity posture of our customers to the next level.
Responsibilities:
Incident Handling & Response
* Triage and investigate escalated security events from SOC L1 Analysts.
* Perform in-depth analysis of logs, malware, network traffic, and endpoint artifacts.
* Lead containment, eradication, and recovery actions during security incidents.
* Document incident timelines, root cause analysis, and lessons learned.
Threat Detection & Analysis
* Analyze alerts generated by SIEM, EDR, NDR, and other security tools.
* Perform threat hunting activities based on IOCs, TTPs, and emerging threats.
* Develop and tune detection rules (e.g., SIEM correlation rules, YARA, Sigma).
Tool and Process Optimization
* Work with the SOC engineering team to enhance monitoring use cases.
* Recommend improvements to SOC playbooks, detection logic, and response workflows.
* Collaborate on automation opportunities using SOAR tools.
Collaboration & Mentoring
* Guide and mentor L1 Analysts in investigations, procedures, and escalation handling.
* Participate in tabletop exercises and red/blue team activities.
* Interface with IT, network, and business teams during incident resolution.
Minimum requirements
Experience and knowledge:
* Bachelor's degree in computer science, engineering, or relevant work experience.
* 4+ years of experience implementing and managing security architectures and solutions.
* Strong knowledge of SIEM platforms (e.g., Splunk, QRadar, Trellix, Sentinel).
* Proficient in analyzing logs from firewalls, proxies, endpoints, and servers.
* Experience with EDR/XDR tools (e.g., CrowdStrike, Trellix, SentinelOne).
* Understanding of MITRE ATT&CK framework, kill chain, and threat modeling.
* Basic scripting for automation (Python, PowerShell, Bash) is a plus.
* Incident handling and forensic investigation experience.
* Knowledge of malware behavior, process injection, lateral movement, privilege escalation.