
SOC L3 Engineer

Experience

10+ years of deep technical and strategic experience in Cyber Security.

Availability 8x5 Onsite (Business Days) with On-Call service outside business hours.

Core Mandate

Strategic threat analysis, content strategy, and advanced Digital Forensics and Incident Response (DFIR) guidance.

Key Responsibilities:

  • Provide the highest level of technical expertise and guidance during complex and critical security incidents (DFIR).
  • Determine the timeline of the intrusion and the initial method of compromise for significant incidents.
  • Analyze security reports to understand threat campaign techniques and translate them into applicable use cases, lateral movement rules, and extract Indicators of Compromise (IOCs).
  • Develop comprehensive guides for mitigation actions in the Customer environment, considering effect, permission, and limitation of each measure.
  • Describe the overall attack methodology and categorize incidents for correct escalation procedures.
  • Communicate and coordinate cross-functional incident response efforts at a strategic level.
  • Serve as the final escalation point for L2 technical challenges and content creation.

Required Skills:

  • Mastery of DFIR processes, toolsets, and methodologies.
  • Expertise in threat intelligence integration and threat modeling.
  • Strong leadership and strategic communication skills.
Certifications:

  • (ISC)² Certified Information Systems Security Professional (CISSP) (Premier certification for designing, implementing, and managing security programs).
  • GIAC Certified Forensic Analyst (GCFA) (Deep expertise in forensic investigation and root cause analysis).
  • GIAC Certified Enterprise Defender (GCED) (Focus on advanced security essentials).
  • Certified Information Security Manager (CISM) (If the role includes management/governance responsibilities).
  • GIAC Penetration Tester (GPEN) or Offensive Security Certified Professional (OSCP) (A red-team background is invaluable for threat hunting).
  • Cloud Certifications (e.g., Certified Cloud Security Professional (CCSP)).
  • Vendor-Specific Certs: Microsoft Sentinel Certified, IBM Certified SOC Analyst – QRadar SIEM or other specific SIEM/tool training, Qualys Vulnerability Tool.

Job Type: Full-time

Ability to commute/relocate:

  • Dubai: Reliably commute or planning to relocate before starting work (Required)

Application Question(s):

  • What is your current salary?
  • What is your expected salary?
  • What is your notice period?

Education:

  • Bachelor's (Preferred)

Experience:

  • SOC L3: 10 years (Required)
