Senior Security Analyst

Overview

The Security Analyst (Level 3) serves as the senior escalation point within the Security Operations Centre (SOC). This role is responsible for advanced incident detection, analysis, containment, and response activities. The L3 Analyst provides technical guidance to junior analysts (L1 & L2), leads threat-hunting initiatives, and contributes to the continuous improvement of SOC processes, detection capabilities, and security posture across clients.

Lead the investigation and resolution of high-severity cybersecurity incidents and advanced threats.

Perform deep-dive analysis of malware, phishing campaigns, and intrusion attempts.

Coordinate incident response efforts with internal teams and external stakeholders.

Prepare detailed incident reports, root cause analyses, and post-incident reviews.

Conduct proactive threat-hunting activities using SIEM, EDR, and threat intelligence feeds.

Identify and mitigate emerging threats and vulnerabilities affecting client environments.

Correlate threat intelligence data with SOC alerts to identify false positives and refine detection rules.

SOC Operations & Process Improvement

• Review and fine-tune security event correlation rules and use cases within SIEM platforms.
• Support automation and playbook development to enhance SOC efficiency.
• Provide mentorship, guidance, and technical support to L1 and L2 analysts.
• Participate in the creation and enforcement of SOC standard operating procedures (SOPs).
• Prepare periodic reports on threat trends, incident metrics, and SOC performance.
• Collaborate with the engineering and threat intelligence teams to enhance detection coverage.
• Recommend and implement improvements in tools, processes, and incident response frameworks.

Education & Certifications

Experience

Skills

#J-18808-Ljbffr