L3 Cyber Security Analyst with SIEM

• Lead investigations into high-complexity security incidents, such as targeted attacks, APTs, or insider threats.

• Analyze attacker Tactics, Techniques, and Procedures (TTPs) to understand attack vectors and methods.

• Correlate diverse data sources (SIEM, endpoint, cloud, and network) to identify and contain sophisticated threats.

• Design and execute proactive threat-hunting campaigns using SIEM and threat intelligence data.

• Identify potential weaknesses in the environment and suggest mitigations.

• Leverage advanced tools and techniques to detect zero-day and novel threats.

• Take ownership of critical incidents, coordinating with internal teams and external stakeholders.

• Conduct post-incident analysis to identify gaps and recommend improvements to security controls.

• Provide detailed reports on incidents, including root cause analysis and mitigation strategies.

• Act as the technical escalation point for L2 analysts, assisting with complex investigations.

• Collaborate with threat intelligence, vulnerability management, and IT teams to enhance security posture.

• Provide mentorship and training to L1 and L2 analysts to improve team capabilities.

• Participate in purple team exercises to improve detection and response strategies.

• Refine and improve incident response playbooks and standard operating procedures (SOPs).

• Define strategies for improving SOC maturity and aligning with frameworks like MITRE ATT&CK.

• Ensure SOC activities adhere to regulatory requirements and industry best practices.

• Provide executive-level reporting on security posture, incidents, and trends.

• Lead tabletop exercises and simulations for executive and IT teams.

• Develop and implement metrics to measure the effectiveness of detection and response efforts.

Qualifications:

• 8+ years of experience in cybersecurity, with significant focus on security operations and incident response.

• Expertise in SIEM tools, advanced threat detection, and cybersecurity frameworks.

• Strong analytical skills to handle complex security incidents and investigations.

• Excellent leadership, communication, and collaboration skills.

Preferred Skills:

• Experience with advanced threat hunting, malware analysis, and digital forensics.

• Familiarity with frameworks like MITRE ATT&CK, NIST, and regulatory compliance standards.

• Certifications such as CISSP, CISM, GIAC, or equivalent are highly desirable.

• Experience in leading purple team exercises and improving SOC maturity.

Incident Analysis,Threat Intelligence,Incident Response,Cyber Security