SOC Analyst (Layer 3)

We are seeking a highly skilled SOC Analyst - Layer 3 (Senior Level) to join our Cyber Security team. This role is critical in leading security forensics, advanced threat detection, incident response, and proactive security operations. As a senior member of the SOC team, you will handle complex security incidents, guide junior analysts, and collaborate with cross-functional teams to strengthen our overall cybersecurity posture.

• Act as the final escalation point for security incidents within the SOC.
• Conduct advanced threat hunting and forensic investigations across endpoints, networks, and cloud environments.
• Develop, tune, and optimize SIEM rules, detection use cases, and response playbooks.
• Lead incident response efforts, including containment, eradication, and recovery.
• Perform root cause analysis and deliver post-incident reports with actionable recommendations.
• Collaborate with threat intelligence teams to correlate indicators of compromise (IOCs), behaviour indicator of compromise (BIOCs) and emerging attack vectors.
• Mentor and provide guidance to Tier 1 and Tier 2 SOC analysts.
• Assist in the design and implementation of new security monitoring tools and technologies.
• Ensure compliance with security frameworks, standards, and policies.

Required:

• 5+ years of experience in Security Operations, Incident Response, or Digital Forensics.
• Deep expertise in network security, endpoint detection & response (EDR), extended detection & response (XDR), malware analysis, and SIEM platforms (e.g., Splunk, QRadar, Sentinel, or equivalent).
• Strong knowledge of MITRE ATT&CK framework, threat intelligence, and adversary tactics/techniques.
• Experience with packet analysis tools (Wireshark, Zeek), log analysis, and sandboxing technologies.
• Hands-on experience with firewalls, IDS/IPS, SOAR platforms, and vulnerability management tools.
• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and threat analysis.

Preferred:

• Relevant certifications: CSA, ECIH, ECHFI, GCIA, GCFA, GCIH, GNFA, CISSP, OSCP, or equivalent.
• Experience in cloud security monitoring (AWS, Azure, GCP).
• Previous experience in a 24/7 SOC environment.

• Excellent problem-solving, analytical, and decision-making skills.
• Ability to work under pressure during high-severity incidents.
• Strong communication skills for technical and non-technical audiences.
• Leadership and mentoring abilities for SOC team growth.

• Competitive salary and performance-based incentives.
• Continuous learning opportunities and sponsorship for advanced certifications.
• Access to cutting-edge SOC tools and technologies.
• Inclusive and collaborative work culture.
• Opportunities for career advancement in cybersecurity.