Cyber Security Expert

Their is a JD which will be perfect for the position

The SOC L3 Analyst is a senior member of the Security Operations Center team, responsible for advanced threat analysis, incident response, and security operations. This role involves leading investigations, developing detection capabilities, and mentoring junior analysts. The ideal candidate should possess deep technical expertise in cybersecurity, excellent problem-solving skills, and the ability to make critical decisions in high-pressure situations.

Key Responsibilities:

Lead advanced investigations of security incidents and perform root cause analysis.

Develop and fine-tune detection rules and security use cases for SIEM and other security tools.

Collaborate with threat intelligence teams to correlate data and identify emerging threats.

Conduct threat hunting activities to proactively identify suspicious behavior and vulnerabilities.

Design and implement incident response processes and playbooks.

Serve as an escalation point for L1 and L2 analysts for complex security issues.

Ensure timely and accurate documentation of incidents, findings, and remediation steps.

Collaborate with engineering and IT teams to improve security posture and harden systems.

Provide mentorship and training to junior SOC team members.

Required Skills/Technologies/Tools

Extensive experience with Security Information and Event Management (SIEM) tools like Splunk, Sentinel or ELK.

In-depth knowledge of cybersecurity frameworks like MITRE ATT&CK and the cyber kill chain.

Advanced understanding of networking protocols, firewalls, and intrusion detection systems.

Strong expertise in incident response, digital forensics, and malware analysis.

Hands-on experience with endpoint detection and response (EDR) and threat intelligence platforms.

Proficiency in scripting languages (Python, PowerShell, or Bash) for automation and analysis.

Excellent analytical, troubleshooting, and problem-solving skills.

Ability to communicate complex technical issues clearly to both technical and non-technical stakeholders.

Good to have Technologies/Tools

Knowledge of security orchestration, automation, and response (SOAR) platforms.

Experience with reverse engineering and advanced malware analysis techniques.

Hands-on experience with data loss prevention (DLP) and endpoint protection platforms.

Familiarity with case management tools and digital forensic tools.

Hands-on experience with vulnerability management and threat intelligence platforms.

Relevant any cybersecurity certifications.Role & responsibilities

Preferred candidate profile