SOC Analyst L3

**Position Overview**:
As a SOC Analyst at Level 3, within malomatia’s Security Operations Centre (SOC), your role is to provide advanced threat detection, incident response, and security monitoring services to protect organizational assets from cyber threats. You will be responsible for conducting in-depth analysis of security alerts and events, identifying potential security incidents, and executing response procedures to mitigate risks effectively. Your duties include monitoring security systems and tools, investigating security breaches or anomalies, and coordinating with internal teams and external stakeholders to resolve incidents promptly. Additionally, you will contribute to the enhancement of SOC processes, documentation, and automation capabilities, leveraging your expertise to improve incident detection and response efficiency. Overall, as a Level 3 SOC Analyst, you play a critical role in maintaining the security posture of the organization, detecting and responding to advanced threats, and continuously improving SOC operations to adapt to evolving cyber threats.

**Detailed Roles & Responsibilities**:
***The SOC Analyst L3 is primary responsible for the technical activities, working on improve the posture of the SOC, providing assistance and insight to L1, L2, L3 and team leaders as required**
- Provide guidance and oversight to SOC operations in different teams during daily activities and assist them in executing their tasks effectively.
- Conduct investigations of potential incident/breaches raised by L2 and assists different teams in their analysis, if needed.
- Manage SOC best practices and provide consultations for improvement to the Department Lead.
- Stay informed by the current threat landscape and propose improvements.
- Suggest and implement new detections detection rules in SIEM and EDR based on emerging threats.
- Read and consumes intelligence reports from various threat intelligence sources.
- Stay updated with information security policies, process and procedures and abides by them.
- Support L2 function in case no L2 replacement is available within a team.
- Communicate with stakeholders (vendors, other departments etc) to raise issues in case there is a problem in the system which includes but not limited to: dropped logs, system not functional, bugs etc.

**Education**
- A bachelor's degree in computer science, information technology, cybersecurity, or a related field is often required.
- SOC L3 Analyst is expected to have one or more of the following certifications
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- Offensive Security Certified Professional (OSCP)
- Cisco Certified CyberOps Associate (CCNA CyberOps)

**Experience & Skills**
- 5-7 years of experience as L3 SOC Analyst
- SOC L3 Analyst is expected to effectively protect organizational assets and mitigate cyber risks through effective demonstration of the following skills and critical thinking and analytical approach.
- Threat Detection and Analysis
- Incident Response.
- Forensic Analysis
- Malware Analysis
- Threat Intelligence
- Network Security
- Security Tools and Technologies
- Scripting and Automation
- Communication and Collaboration
- Continuous Learning

**Behavioral Competencies**
- Critical Thinking
- Customer Centricity
- Execution Excellence
- Result Orientation
- Team Management
- Attention to Detail
- Cultural Connectivity and Collaboration
- Interpersonal Excellence