SOC Analyst (Layer 3)

About the Role

We are seeking a highly skilled SOC Analyst - Layer 3 (Senior Level) to join our Cyber Security team. This role is critical in leading security forensics, advanced threat detection, incident response, and proactive security operations. As a senior member of the SOC team, you will handle complex security incidents, guide junior analysts, and collaborate with cross-functional teams to strengthen our overall cybersecurity posture.

Key Responsibilities

• Act as the final escalation point for security incidents within the SOC.

• Conduct advanced threat hunting and forensic investigations across endpoints, networks, and cloud environments.

• Develop, tune, and optimize SIEM rules, detection use cases, and response playbooks.

• Lead incident response efforts, including containment, eradication, and recovery.

• Perform root cause analysis and deliver post-incident reports with actionable recommendations.

• Collaborate with threat intelligence teams to correlate indicators of compromise (IOCs), behaviour indicator of compromise (BIOCs) and emerging attack vectors.

• Mentor and provide guidance to Tier 1 and Tier 2 SOC analysts.

• Assist in the design and implementation of new security monitoring tools and technologies.

• Ensure compliance with security frameworks, standards, and policies.

Qualifications

Required:

• 5+ years of experience in Security Operations, Incident Response, or Digital Forensics.

• Deep expertise in network security, endpoint detection & response (EDR), extended detection & response (XDR), malware analysis, and SIEM platforms (e.g., Splunk, QRadar, Sentinel, or equivalent).

• Strong knowledge of MITRE ATT&CK framework, threat intelligence, and adversary tactics/techniques.

• Experience with packet analysis tools (Wireshark, Zeek), log analysis, and sandboxing technologies.

• Hands-on experience with firewalls, IDS/IPS, SOAR platforms, and vulnerability management tools.

• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and threat analysis.

Preferred:

• Relevant certifications: CSA, ECIH, ECHFI, GCIA, GCFA, GCIH, GNFA, CISSP, OSCP, or equivalent.

• Experience in cloud security monitoring (AWS, Azure, GCP).

• Previous experience in a 24/7 SOC environment.

Soft Skills

• Excellent problem-solving, analytical, and decision-making skills.

• Ability to work under pressure during high-severity incidents.

• Strong communication skills for technical and non-technical audiences.

• Leadership and mentoring abilities for SOC team growth.