SOC Analyst L3

Job Description :

Minimum 5+ years of experience

Use Case Development : Knowledge of organizational risks and threats to design relevant and effective detection rules.

Log Sources : Understanding log formats, sources, and parsing for accurate data utilization in use cases.

SIEM and Analytics Tools : Familiarity with platforms like Securonix, Sentinel, or Splunk to implement and monitor use cases.

Alert Logic : Ability to define thresholds, logic, and conditions to reduce false positives and improve detection accuracy.

Incident Response Needs : Awareness of incident response workflows to align use cases with actionable intelligence.

Performance Metrics : Skills to create and optimize KPI / KRI reports to track detection and response performance.

Fine-Tuning Methodology : Experience in analyzing alert data to refine use cases and adjust logic periodically. Detect and respond to company-wide security incidents, coordinating cross-functional teams to mitigate and eradicate threats.

Incident response lead for high impact cyber security incidents

Triage events, escalations and incidents to determine remediation and resolution actions

Coordinate appropriate response activities across teams or directly with stakeholders to rapidly remediate potential threats

Develop playbooks to improve processes and information sharing across teams

Initiative and project-related support to provide Security Operations and Incident Response perspective and subject matter expertise

Contribute technical and process improvements within the team

Participate in current operations, on call rotation. Which includes some after-hours responsibilities and escalations

Show more

Show less

Skills Required

performance metrics