About the job SOC Analyst - Level 3
We are seeking a highly skilled SOC Analyst Level 3 to lead incident response, triage, and remediation while supporting the SOC Manager in enhancing overall security operations capabilities. This role serves as a technical lead within the Security Operations Center, overseeing escalated incidents, developing response strategies, optimizing detection rules, and mentoring junior analysts.
Key Responsibilities:
- Triage and respond to escalated incidents from L1/L2 analysts, identifying business risks.
- Perform deep log and threat analysis across multiple sources using frameworks like MITRE ATT&CK and SANS.
- Tune and improve SIEM/SOAR configurations and detection capabilities (e.g., Microsoft Sentinel, Defender).
- Develop and maintain incident response playbooks and automation recommendations.
- Act as the SME for complex investigations, supporting and training analysts, and leading incident response coordination.
- Monitor evolving threat landscapes, improve SOC processes, and drive cloud and endpoint security initiatives.
- Participate in client onboarding and ensure smooth transitions into SOC monitoring services.
Qualifications:
- 5-7 years of experience in SOC, cyber, or IT security roles.
- Strong technical expertise in SIEM, SOAR, endpoint detection, and malware analysis.
- Hands-on experience with tools like Microsoft Sentinel, Defender, and CSPM/CWP solutions.
- Security certifications such as CISSP, CISM, GIAC, CompTIA CySA+, or equivalent required.
- Proven leadership in mentoring, team development, and stakeholder communication.
- Knowledge of cloud security (Azure, AWS, or GCP) is a strong asset.
This role offers the opportunity to lead advanced incident response efforts and shape the evolution of SOC capabilities in a fast-paced, security-focused environment.