Syntax is a leading Managed Cloud Provider for Mission Critical Enterprise Applications and has been providing comprehensive technology solutions to businesses of all sizes since 1972. Syntax has undisputed strength to implement and manage ERP deployments (Oracle, SAP) in a secure and resilient private, public or hybrid cloud. With strong technical and functional consulting services, and world-class monitoring and automation, Syntax serves some of North America’s largest corporations across a diverse range of industries. Syntax has offices worldwide, and partners with Oracle, SAP, AWS, Microsoft, IBM and other global technology leaders.
Security Operations Analyst 2
About the Role
We are seeking a motivated and experienced Security Analyst 2 to join our growing Cybersecurity Operations team. This role is ideal for a mid-level analyst who thrives in a fast-paced environment and is passionate about improving detection capabilities, mentoring junior analysts, and fine-tuning security tools and processes.
As a Security Analyst 2, you will play a critical role in managing security alerts, responding to high-priority incidents, and contributing to the continuous improvement of our security operations. You will also have the opportunity to specialize in areas such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), or remain a Generalist with a focus on analysis.
Key Responsibilities
-
Monitor and manage the security alert queue during assigned shifts, ensuring timely triage and response.
-
Investigate and respond to critical and high-priority tickets in accordance with established Standard Operating Procedures (SOPs).
-
Collaborate with senior team members to build and tune detections, refine EDR policies, and optimize alerting mechanisms.
-
Provide mentorship and guidance to Junior Security Analysts, helping them grow their technical and analytical skills.
-
Contribute to the continuous improvement of incident response workflows, documentation, and playbooks.
-
Participate as one of the primary responders during Incident Response and post-incident reviews, ensuring lessons learned are captured and applied.
-
Assist in the development and maintenance of security metrics and reporting.
Potential Specializations
While this role starts with a generalist focus, candidates may grow into one or more of the following specialization tracks:
-
Generalist (Analysis): Broad focus on alert triage, incident response, and threat hunting.
-
Detection Engineering: performing deeper investigations and automating processes to assist with alerting.
-
EDR (Endpoint Detection and Response): Focus on endpoint telemetry, policy tuning, and threat containment.
-
SIEM (Security Information and Event Management): Develop and tune correlation rules, dashboards, and log ingestion pipelines.
Qualifications
Required:
-
2–4 years of experience in a SOC or cybersecurity operations role.
-
Strong understanding of security principles, threat detection, and incident response.
-
Experience with EDR platforms (e.g., CrowdStrike, SentinelOne, Microsoft Defender).
-
Familiarity with SIEM tools (e.g., Splunk, Sentinel, QRadar).
-
Ability to analyze logs, alerts, and network traffic to identify malicious activity.
-
Excellent communication and documentation skills.
Preferred:
-
Experience mentoring or training junior team members.
-
Scripting or automation experience (e.g., Python, PowerShell).
-
Relevant certifications (e.g., Security+, CySA+, GCIA, GCIH, or equivalent).
-
Good English written and spoken level is required as working in an international team. Documentation and meetings are done in English.
Why Syntax?
Become a part of our success story and work in a company with exciting innovation projects that are causing a stir across the industry. We recently launched one of the world's most advanced manufacturing facilities based on SAP S/4HANA Cloud and SAP Digital Manufacturing Cloud for Execution - for Smart Press Shop, a pioneering joint venture between Porsche and forming specialist Schuler.
- Competitive, above-average compensation
- Global tourist: With us, you can also work from abroad from time to time
- Flexible working time models, home office
- Attractive benefits, e.g. company pension scheme or various health offers
- A modern environment in which the "you" is part of it
- Open feedback culture, flat hierarchies and a motivated team
- Individual career planning with continuous training and coaching on the job
You see a personal challenge in this responsible task? Apply now - and become part of the SYNTAX team!
