Enable job alerts via email!

L3 SOC Analyst

Excelerate

Reading

On-site

USD 75,000 - 100,000

Full time

5 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

Join a leading Cyber Defence Operations Team as a Level 3 SOC Analyst in Reading. You will safeguard against global cyber threats, mentor junior analysts, and enhance security capabilities. This role offers the chance to work with advanced security tools and collaborate with global teams, making a significant impact on cyber security operations.

Qualifications

4+ years of experience in SOC analysis and incident response.
Deep knowledge of IPv4/IPv6 and TCP networking protocols.
Proficiency in scripting and query optimization.

Responsibilities

Handle escalated security incidents and lead forensic analysis.
Conduct detailed analysis of security events and lead reporting.
Mentor team members and enhance incident response processes.

Skills

Security Analysis

Incident Response

Mentorship

Threat Hunting

Tools

SIEM

EDR

Linux

Windows

SOAR

AWS

Azure

1 week ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Excelerate

Offering a Technical Recruitment Partnership

Join a Leading Cyber Defence Operations Team and help safeguard against global cyber risks!

Location: Reading - 2 Days a week on site

Employment Type: Permanent

The Cyber Defence Operations team is responsible for protecting customers against cyber threats worldwide. The team’s mission is to enhance the global cyber defence posture and reduce cyber risks through operational leadership and capabilities. We’re looking for a Level 3 SOC Analyst to join our client's team, offering expertise in security analysis and incident response to help drive the success of their Cyber Security Operations Center (CSOC).

In this role, you will investigate and validate potential security threats, utilising a range of security tools and products. As a Senior Analyst, you will also work to mentor and uplift analyst skills and act as a key escalation point. The role will involve collaborating with global security teams, including CERT and Incident Management, to enhance overall security capabilities.

Key Responsibilities:

Advanced Incident Response: Handle escalated security incidents that L1 and L2 analysts cannot resolve, such as sophisticated malware infections, APTs, and complex intrusions. Lead forensic analysis and threat hunting efforts to ensure rapid containment and recovery.
Security Analysis and Root Cause Analysis: Conduct detailed analysis of security events to address current cyber threats. Participate in or lead security event analysis activities.
Security Reporting and Advisories: Contribute to or lead the delivery of cyber security reports and advisories to key stakeholders.
Residual Risk Assessment: Deliver post-incident analysis, technical lessons learned, and reporting to assess residual risk.
Advanced SIEM Tuning: Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations.
Automating Response Actions: Develop and improve SOAR playbooks to automate repetitive tasks and enhance the incident response process.
Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas for operational improvement.
Threat Response: Engage in threat hunting from a blue team perspective, identifying potential threat group activity.
Mentorship & Leadership: Mentor and encourage team members to create sustainable knowledge bases, playbooks, processes, and procedures.

Key Requirements:

4+ years of experience in SOC analysis, security event analysis, and incident response (Level 2 or above).
Extensive hands-on experience in security event analysis and incident response.
Deep knowledge of IPv4/IPv6, TCP networking protocols, and the OSI model.
Expertise in security tools: SIEM (ArcSight, Sentinel, QRadar, Splunk), EDR (Microsoft Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies.
Strong knowledge of Linux and Windows operating systems.
Familiarity with SOAR technologies (e.g., IBM Resilient, Splunk Phantom, SIEMplify) and cloud platforms (e.g., AWS, Azure, O365).
Experience investigating intrusions in Linux and cloud environments.
Proficiency in scripting, regular expression development, and query optimization (e.g., Kusto, SQL).

If you’re ready to step up your career in a dynamic and global environment, apply today to join a growing Cyber Defence Operations team and make an impact on the future of cyber security!

Seniority level

Seniority level
Mid-Senior level

Employment type

Employment type
Full-time

Job function

Job function
Information Technology
Industries
Computer and Network Security

Referrals increase your chances of interviewing at Excelerate by 2x

Reading, England, United Kingdom 1 month ago

Reading, England, United Kingdom 2 weeks ago

Reading, England, United Kingdom 4 days ago

Reading, England, United Kingdom 2 weeks ago

Reading, England, United Kingdom 4 days ago

Reading, England, United Kingdom $75,000.00-$100,000.00 2 weeks ago

Service Engineer - Fire & Security Systems

Reading, England, United Kingdom 1 hour ago

Customer Relationship Manager - Cyber Security