L3 SOC Analyst / Incident Responder
L3 SOC Analyst / Incident Responder
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
We are looking for an experienced L3 SOC Analyst / Incident Responder to join our cybersecurity this role you will be responsible for leading advanced threat detection incident response activities and driving the continuous improvement of our security operations. You will be a key player in protecting our clients digital assets from sophisticated cyber threats.
Key Responsibilities:
Advanced Threat Detection: Monitor and analyze security events from various sources including SIEM EDR NDR firewalls and other protection systems. Identify and respond to advanced persistent threats (APTs) and complex security incidents.
Incident Response: Lead incident response efforts including investigation containment eradication and recovery. Coordinate with other teams to manage and mitigate security incidents ensuring minimal impact on business operations.
Forensics and Analysis: Perform in-depth forensic analysis on compromised systems including malware analysis network traffic analysis and log analysis. Document findings and provide detailed incident reports.
Threat Hunting: Proactively hunt for hidden threats in the network using threat intelligence behavioral analysis and anomaly detection techniques. Identify and mitigate potential security risks before they escalate.
Security Improvements: Collaborate with the SOC team to continuously improve detection capabilities including tuning and optimizing SIEM rules developing custom scripts and integrating new tools and technologies.
Training and Mentorship: Provide guidance and mentorship to junior SOC analysts (L1/L2) sharing knowledge and best practices for incident response and threat detection.
Post-Incident Reporting: Prepare detailed post-incident reports that include root cause analysis impact assessments and recommendations for future prevention measures. Communicate findings to senior management and relevant stakeholders.
Incident Playbooks: Develop and maintain incident response playbooks ensuring they are up-to-date and aligned with the latest threat landscape and industry best practices.
Collaboration: Work closely with other IT and security teams including vulnerability management IT operations and network security to strengthen the organizations overall security posture.
Qualifications :
Experience:
- 5 years of experience in a SOC environment with a focus on incident response and advanced threat detection.
- Proven track record of handling complex security incidents and conducting forensic investigations.
Technical Skills:
- Expertise in SIEM platforms (e.g. Splunk QRadar) IDS/IPS firewalls and endpoint detection and response (EDR) tools.
- Proficiency in scripting languages (e.g. Python PowerShell) for automation and custom detection use cases.
- Strong understanding of network protocols malware analysis and cybersecurity frameworks (e.g. MITRE ATT&CK NIST).
- Experience with threat hunting techniques and tools as well as familiarity with threat intelligence platforms.
Soft Skills:
- Excellent problem-solving skills and the ability to work under pressure during high-stress incidents.
- Strong communication skills capable of explaining technical issues to both technical and non-technical stakeholders.
- A proactive mindset with a passion for staying current with the latest cybersecurity trends and threats.
Education:
- Bachelors degree in Computer Science Information Security or a related field is preferred.
Remote Work :
No
Employment Type
Full Time
