C-SOC Level 3 Analyst

Company Overview

Company information is not specified.

Job Summary

The C-SOC Level 3 Analyst is responsible for advanced incident response activities, comprehensive log analysis, and detailed incident reporting. This role is critical in enhancing the efficiency of incident response within a Security Operations Center (SOC) and contributes to the organization's overall cybersecurity posture.

Responsibilities

• Conduct advanced incident response activities and provide comprehensive log analysis.
• Perform detailed incident reporting and documentation.
• Utilize tools such as THOR Scanner, VMRay, and Recorded Future Sandbox for malware analysis and threat hunting.
• Analyze email logs to trace phishing attacks and other email-related threats.
• Collaborate with Cyber Incident Response (CIR) teams to manage security incidents effectively.
• Maintain and manage the SOC Knowledgebase, including playbooks, processes, and contacts.
• Review and analyze user access logs to identify unauthorized or suspicious activities.
• Refine and tune alerting systems to reduce false positives and enhance detection capabilities.

Qualifications

• Proficient in malware analysis and threat hunting techniques.
• Skilled in using advanced tools for detecting and analyzing sophisticated threats.
• Strong understanding of Microsoft Security Products, including MS Defender for Endpoint, Cloud, Identity, AV, and MS Sentinel.
• Knowledgeable in application, cloud, and infrastructure security, including firewalls, proxies, and Web Application Firewalls (WAF).
• Expertise in utilizing SIEM (Security Information and Event Management) systems and IDS/IPS (Intrusion Detection/Prevention Systems).
• Strong analytical skills to interpret complex datasets and identify security threat patterns.
• Capable of conducting in-depth technical analyses of incidents.
• Willingness to work in 24/7 rotational shifts, including weekends.

Preferred Skills

• Experience using sandbox environments for malware behavior analysis.
• Ability to provide technical feedback to internal security teams.
• Familiarity with refining alerting systems based on insights from incident investigations.

Experience

• Minimum of 0 years of experience in a cybersecurity role, with a focus on incident response and analysis.

Environment

• Location information is not specified; the position is full-time.
• Must be flexible to work in 24/7 rotational shifts.

Salary

• Salary information is not specified.

Growth Opportunities

• Opportunities for career advancement within the organization are not specified.

Benefits

• Benefits information is not specified.