Trivandrum
Senior SOC L3 Analyst - Incident Response & Threat Analysis

Job Summary: We are looking for a skilled and experienced SOC L3 Expert to join our team. The ideal candidate will have deep expertise in security operations, threat detection, and incident response, with a focus on improving security postures, processes, and automation. This role requires the ability to deploy and integrate new tools and technologies to enhance the capabilities of the Security Operations Center. The SOC L3 Expert will collaborate with the Security Operations Manager to optimize SOC workflows, playbooks, and incident response procedures, ensuring a proactive approach to complex security threats.

Key Responsibilities:

• Provide expert-level recommendations to improve the organization’s security posture, processes, and automation strategies.

• Lead the deployment and integration of new tools and SIEM technologies to enhance the SOC's capabilities.

• Assist in the analysis of security logs and data to identify, assess, and mitigate complex threats across various systems and environments.

• Collaborate with the Client’s Security Operations Manager to review, refine, and continuously improve SOC workflows, playbooks, and incident response processes.

• Provide leadership and guidance in the identification and resolution of security incidents, ensuring swift and effective responses.

• Stay up to date with the latest security threats, vulnerabilities, and emerging technologies to proactively improve the SOC's response capabilities.

• Work with cross-functional teams to ensure security solutions are aligned with organizational objectives and best practices.

• Contribute to the development and documentation of SOC procedures and best practices.

Required Qualifications:

• 5+ years of relevant experience in cyber consultancy, security operations, incident response, and threat analysis.

• Extensive experience with SOC tools, technologies, and security log analysis.

• Expertise in deploying and configuring security tools/SIEM to improve threat detection and automation.

• Strong understanding of incident response frameworks and best practices.

• In-depth knowledge of security threats, vulnerabilities, and mitigation techniques.

• Experience with security information and event management (SIEM) systems, endpoint detection and response (EDR), and other SOC technologies.

• Experience with cloud security and securing hybrid infrastructures.

• Experience with email security (Mimecast Email Gateway) and secure web gateways (Netskope SWG).

• Familiarity with automation tools and scripting for security operations.

• Strong communication and collaboration skills, with the ability to work effectively with both technical and non-technical teams.

• Ability to work in a fast-paced, high-pressure environment, managing multiple tasks and priorities.

Preferred Qualifications & Certifications:

• Graduate in Computer Science

• Certifications such as CISSP, CISM, CEH or other relevant security certifications.

• Proficiency in security tools:

    o Mimecast Email Gateway

    o Microsoft Azure

    o EDR solutions (ThreatDown by Malwarebytes)

    o Netskope SWG

    o Microsoft Sentinel (formerly Azure Sentinel)

    o Microsoft Defender
