We are seeking an L3 / Lead to act as a senior escalation point across security monitoring and incident response.
This role is critical in driving high-quality investigations, forensic analysis, and detection improvements, while partnering closely with the Process Engineering Lead and Security Engineering teams.
The ideal candidate will have deep hands-on experience in incident response and forensics, combined with the ability to uplift processes, reduce false positives, and enable automation-driven efficiency.
Responsibilities
- Act as a senior escalation point for SOC analysts (L1/L2) in monitoring, triage, and investigation, providing technical guidance and validation.
- Lead incident investigations from escalation through containment, eradication, and recovery, coordinating across Group SOC and OpCos.
- Perform deep-dive analysis on malware, endpoint/network activity, and adversary behavior to support incident response and attribution.
- Conduct forensic examinations (endpoints, servers, logs, memory, storage, and network traffic) to support investigative outcomes.
- Collaborate with the Process Engineering (PE) Lead to:
  - Improve detection rules/use cases.
  - Tune rules to reduce false positives and improve accuracy.
  - Integrate threat intelligence into active monitoring.