We are seeking a highly skilled SOC Tier 3 Analyst to join our Cybersecurity Operations Center. As a Tier 3 analyst, you will be the last line of defense in threat detection, incident response, and advanced threat hunting. You will lead investigations into sophisticated cyber threats, provide mentorship to Tier 1 & 2 analysts, and play a key role in strengthening our overall security posture.
Key Responsibilities
- Act as the escalation point for complex security incidents and alerts.
- Lead advanced incident response and forensic investigations across endpoints, networks, and cloud environments.
- Perform proactive threat hunting using SIEM, EDR, and threat intelligence feeds.
- Develop and fine-tune detection rules, correlation logic, and playbooks for SIEM/SOAR platforms.
- Collaborate with threat intelligence teams to integrate global threat insights into monitoring and response strategies.
- Provide guidance and mentorship to Tier 1 & Tier 2 analysts, improving overall SOC capabilities.
- Create and deliver detailed incident reports and recommendations to stakeholders.
- Participate in red/blue/purple team exercises and continuous improvement of SOC processes.
Qualifications
- 5+ years of experience in Security Operations Center (SOC), Incident Response, or Cyber Defense.
- Strong expertise with SIEM (Splunk, QRadar, Elastic, Sentinel, etc.), EDR tools (CrowdStrike, Carbon Black, SentinelOne, etc.), and SOAR automation.
- In-depth knowledge of network protocols, log analysis, malware analysis, and threat intelligence frameworks (MITRE ATT&CK, Cyber Kill Chain, etc.).
- Hands-on experience in incident response, digital forensics, and threat hunting.
- Familiarity with cloud security (AWS, Azure, GCP) and containerized environments.
- Strong understanding of adversary tactics, techniques, and procedures (TTPs).
- Relevant certifications are a plus: GCIA, GCIH, GCFA, CISSP, CCSP, or similar.