Intras Cloud Services
Global Support Operations

GSOC Analyst LVL 2 - Buenos Aires - Argentina

Buenos Aires, Argentina - 1241, Buenos Aires, Argentina | Full time

Intras Cloud Services is seeking a skilled and proactive GSOC Analyst Level 2 to serve as a senior escalation resource within our Global Security Operations Center. In this role, you will investigate complex security incidents, perform threat hunting, and drive response efforts across our Microsoft 365 and Azure cloud environments. You will mentor and support Level 1 analysts, ensuring timely and accurate escalation handling while continuously improving our security posture. This is a hands-on technical role for a cybersecurity professional with a strong cloud security foundation and experience leveraging AI-assisted tools to detect, analyze, and mitigate modern threats.

Key Responsibilities

- Act as the primary escalation point for GSOC Level 1 analysts, triaging complex or high-severity alerts and guiding analysts through investigation workflows.
- Lead end-to-end incident response activities, including detection, containment, eradication, recovery, and post-incident review documentation.
- Conduct proactive threat hunting across Microsoft Sentinel, Defender XDR, and connected log sources to identify indicators of compromise (IOCs) and attacker TTPs.
- Develop, tune, and maintain SIEM detection rules, analytic queries (KQL), and alert logic to reduce false positives and improve signal fidelity.
- Monitor and investigate security events across Microsoft 365 environments, including Defender for Office 365, Purview, and the Microsoft Compliance Center.
- Administer and analyze alerts from Azure Security Center (Microsoft Defender for Cloud), Azure AD / Entra ID, and related Azure services.
- Leverage AI-assisted security tools — including Microsoft Copilot for Security — to accelerate threat analysis, investigation summaries, and recommended remediation steps.
- Perform vulnerability assessments and coordinate remediation efforts with IT and infrastructure teams, tracking findings to resolution.
- Author detailed incident reports, runbooks, and standard operating procedures (SOPs) to improve team documentation and knowledge transfer.
- Collaborate cross-functionally with IT, cloud engineering, and compliance teams to implement security controls and enforce policy.
- Support the continuous improvement of GSOC processes, playbooks, and automation workflows to increase team efficiency and response speed.
- Stay current on emerging threat intelligence, CVEs, attack campaigns, and adversary techniques relevant to cloud and Microsoft environments.

Requirements

- Minimum 3–5 years of hands-on IT or cybersecurity experience, including at least 2 years in a security operations or incident response capacity.
- Demonstrated experience working within Microsoft 365 and Azure environments in a security-focused role.
- Prior experience as a GSOC / SOC Analyst Level 1 or equivalent, with a track record of handling escalated security events.

Preferred Qualifications

- Experience with Microsoft Copilot for Security or other AI-driven security investigation tools.
- Familiarity with SOAR platforms and building automated playbooks in Microsoft Sentinel or Defender XDR.
- Knowledge of cloud-native security frameworks (e.g., MITRE ATT&CK, CIS Controls, NIST CSF).
- Prior experience in an MSSP or managed cloud security environment.
- Exposure to data loss prevention (DLP), insider threat monitoring, or eDiscovery workflows in Microsoft Purview.
- Scripting or automation experience (PowerShell, KQL, Python) for log analysis or tool integration.

Soft Skills

- Strong analytical and critical thinking skills with the ability to assess complex, ambiguous situations under pressure.
- Clear and concise written and verbal communication — able to translate technical findings for both technical peers and non-technical stakeholders.
- Collaborative team player who actively supports Level 1 analysts through coaching and knowledge sharing.
- High degree of ownership and accountability — follows incidents through to resolution without drop-off.
- Adaptability and continuous learning mindset in a fast-evolving threat landscape.
- Strong attention to detail and disciplined documentation habits.
- Effective time management and prioritization across multiple concurrent incidents.

Work Environment / Additional Information

- Location: Hybrid — availability to attend our offices at least once a week.
- Schedule: May include rotational shift coverage (including evenings, weekends, or holidays) to support 24/7 GSOC operations.
- On-Call: Periodic on-call rotation for high-severity incident escalation.
