SOC L2 Engineer

Description:

Company description:

Omniaccess is leading Managed Security Service Provider (MSSP) specialized in delivering advanced cybersecurity solutions to the maritime industry. With a global footprint and 24/7 operations, we protect over 1,800 vessels worldwide, offering centralized monitoring, threat detection, incident response, and compliance support tailored to the unique challenges of the maritime environment. Our services are designed to secure vessel operations, onboard systems, and critical infrastructure, ensuring business continuity and resilience against evolving cyber threats.

Our team is composed of passionate cybersecurity professionals dedicated to innovation, operational excellence, and customer success. As a trusted partner to shipowners, operators, and maritime technology providers, we combine deep sector expertise with state-of-the-art tools and processes to deliver reliable, efficient, and scalable managed security services. Joining us means being part of a mission-driven organization that plays a key role in safeguarding global maritime operations.

Description of functions:

The SOC L2 Engineer is responsible for advanced threat detection, incident response, and security monitoring activities. This position acts as the escalation point for SOC L1 Analysts and plays a key role in investigating and containing cybersecurity threats in real-time. The engineer collaborates with threat intelligence, incident response, and engineering teams to strengthen detection capabilities and improve response workflows.

You will be using the cutting-edge technologies to move the cyber security posture of our customers to the next level.

Responsibilities:

Incident Handling & Response

• Triage and investigate escalated security events from SOC L1 Analysts.
• Perform in-depth analysis of logs, malware, network traffic, and endpoint artifacts.
• Lead containment, eradication, and recovery actions during security incidents.
• Document incident timelines, root cause analysis, and lessons learned.

Threat Detection & Analysis

• Analyze alerts generated by SIEM, EDR, NDR, and other security tools.
• Perform threat hunting activities based on IOCs, TTPs, and emerging threats.
• Develop and tune detection rules (e.g., SIEM correlation rules, YARA, Sigma).

Tool and Process Optimization

• Work with the SOC engineering team to enhance monitoring use cases.
• Recommend improvements to SOC playbooks, detection logic, and response workflows.
• Collaborate on automation opportunities using SOAR tools.

Collaboration & Mentoring

• Guide and mentor L1 Analysts in investigations, procedures, and escalation handling.
• Participate in tabletop exercises and red/blue team activities.
• Interface with IT, network, and business teams during incident resolution.

Requirements:

Experience with and knowledge:

• Bachelor's degree in computer science, engineering, or relevant work experience.
• 4+ Years of experience implementing and managing security architectures and solutions.
• Strong knowledge of SIEM platforms (e.g., Splunk, QRadar, Trellix, Sentinel).
• Proficient in analyzing logs from firewalls, proxies, endpoints, and servers.
• Experience with EDR/XDR tools (e.g., CrowdStrike, Trellix, SentinelOne).
• Understanding of MITRE ATT&CK framework, kill chain, and threat modeling.
• Basic scripting for automation (Python, PowerShell, Bash) is a plus.
• Incident handling and forensic investigation experience.
• Knowledge of malware behavior, process injection, lateral movement, privilege escalation.
• Familiarity with TCP/IP, DNS, HTTP/S, email protocols, and common attack vectors.
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner.
• Excellent written and spoken English communication.

Important to be available:

• Travel needs: Up to 20%
• Availability to do on - calls

What we offer:

• Full-time employment contract.
• Annual performance bonus based on individual and company achievements.
• Medical insurance.
• A dynamic and friendly work environment with a focus on learning and development.
• A culture that values open communication, innovation, and teamwork.
• Opportunities for continuous training and professional growth.
• Work with an international team in a diverse, inclusive environment.
• Office based in the vibrant Technology Business Park in Palma, Spain.

OmniAccess, as part of the Marlink Group, is an equal opportunity employer determined to build a diverse and inclusive workplace. We are committed to ensuring that all individuals are treated with dignity and respect, and that everyone—regardless of race, ethnicity, gender, gender identity or expression, sexual orientation, age, religion, disability, or any other legally protected status—has fair and equal access to opportunities for growth, development, and success.

We are also dedicated to upholding fairness and objectivity throughout our recruitment process. All hiring decisions are based solely on qualifications, relevant experience, and alignment with the requirements of the role, ensuring a transparent and merit-based selection for every candidate.