**Introduction** This role will be performed locally in client´s premises. This will be performed by dedicated analysts on an 16x5 basis with stand by coverage for high severity incidents. These are dedicated resources to CEMEX, that follow agreed playbooks by CEMEX and IBM. **Your role and responsibilities** T2 Investigation Analyst Responsibilities include, but may not be limited to, the following: · Validate escalated offenses from T1, applying manual enrichment and context from CEMEX’s Security controls such and AV consoles, Firewall consoles, etc. in order to determine if the offense are truly security incidents or false positives. · Execute pre agreed investigation and response playbooks associated with the offense. · Perform impact analysis of the incident. · Recommend playbook changes when needed. · Support investigations and analysis requested by T1 and incident management teams. · Provide feedback to IBM MSS Global SOC teams, including T1 and SCE, on the escalated cases in order to allow offense analysis and escalation optimization for future cases. · Escalate validated offenses to Incident management, according to the stablished process and providing the appropriate recommendations in order to provide further details or containment actions. **Required technical and professional expertise** Details of qualifications and essential skills: · CCNA or equivalent. · CompTIA CySa+ (Cybersecurity Analyst) or equivalent. · IBM Certified Associate Administrator - Security QRadar SIEM. · IBM Certified SOC Analyst. CISSP certificaton or equivalent · CEH or equivalent. · Analytical Thinking. Knowledge of network security. Preferred Professional and Technical Expertise **Preferred technical and professional experience** 3+ years of experience managing cybersecurity incident investigations. Required Education Bachelor's Degree Preferred Education Bachelor's Degree