Incident Responder - L3

Job Overview :

As an SQ1 Security Cyber Defense Incident Responder within the Global Cybersecurity Operations Center (CSOC), you will serve as a key technical expert responsible for managing and responding to advanced cyber threats, performing detailed investigations, and strengthening the customer’s overall security posture. This role blends hands-on technical expertise with mentoring responsibilities, focusing on effective threat detection, incident response, and the continuous enhancement of SOC capabilities.

Key Responsibilities :

• Lead investigations into escalated security incidents, providing detailed analysis, containment, and remediation strategies.
• Perform advanced malware analysis, reverse engineering, and develop custom detection signatures to enhance threat visibility.
• Integrate global threat intelligence into SOC operations to proactively identify and mitigate emerging attack techniques.
• Manage and optimize SIEM platforms (e.g., Wazuh, Elastic Search, Datadog, Splunk, QRadar, Microsoft Sentinel) for effective log correlation and alerting.
• Develop and maintain SOC use cases, playbooks, and runbooks to standardize and strengthen incident response processes.
• Mentor and guide junior analysts, fostering knowledge sharing and skill development within the SOC team.
• Stay up to date with the latest cybersecurity trends, threats, and technologies to continuously evolve detection and response strategies.

Required Skills / Technologies / Tools :

Good to have Technologies / Tools

Certifications : GCIH or CREST Incident response certifications , or other relevant security credentials.