SOC Tier 3 Analyst

Overview

SOC Tier 3 Analyst • 6 Month contract (initially). Based: Remote/Reading - Hybrid. Maximum 3 days per week onsite. Rate: Market rates per day (via Umbrella company).

We have a great opportunity with a world leading organisation where you will be supported to succeed. This role is for a SOC Tier 3 Analyst to strengthen the Security Operations Center. As a Tier 3 CERT Analyst you will lead the investigation and remediation of advanced cyber threats, leveraging cutting edge tools such as Splunk, Microsoft Sentinel, CrowdStrike, Defender and other security stacks. You will handle complex incidents like APTs, malware, and data breaches, ensuring swift, effective responses to minimize risk to the organization and its clients.

Key Responsibilities

1. Incident Detection and Response: Utilize advanced SIEM tools, threat intelligence platforms, and other security technologies to analyze and correlate security alerts.
2. Threat Hunting & Analysis: Proactively search for threats across the environment using behavioural analysis and threat intelligence data. Analyze data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity.
3. Incident Forensics: Perform in depth forensic analysis to determine the scope, impact, and root cause of security incidents. Collect, preserve, and analyze evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements.
4. Remediation and Recovery: Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks.
5. Compliance and Risk Management: Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations.

Key Skills & Experience

• Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis.
• Expertise in analyzing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.).
• Familiarity with scripting languages (Python, PowerShell, etc.) to automate tasks or create custom detection methods.
• Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches).
• Hands on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools.

Certifications (Preferred)

• Certified Information Systems Security Professional (CISSP)
• Certified Incident Handler (GCIH, EC Council)
• Certified Forensic Computer Examiner (CFCE)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Intrusion Analyst (GCIA)

Additional Information

LA International is an approved ICT recruitment and project solutions consultancy. We welcome applications from diverse backgrounds and adhere to equal opportunities in employment.