Security Operations Center Analyst

  • Manila City, Metro Manila
  • Permanent
  • Full-time
  • 29 days ago
Job Title: L3 SOC Analyst
Experience Required: 5+ years
Location: BGC, Taguig
Work Mode: Hybrid
Shift: 24x7 Rotational Shifts
Employment Type: Full-time

Job Summary:

We are seeking a highly skilled L3 SOC Analyst with over 5 years of experience in cybersecurity operations within a 24x7 SOC environment. The ideal candidate will possess deep technical expertise in incident response, threat detection, malware analysis, and digital forensics (DFIR). You will handle complex escalated incidents, lead investigations, and support junior analysts in real-time threat mitigation.

Key Responsibilities:

  • Act as a lead responder for escalated (L3) security incidents and complex cyber threats.
  • Perform advanced threat analysis using SIEM tools like Splunk, Azure Sentinel, etc.
  • Conduct incident triage, deep investigation, and remediation using tools such as EDR, IDS/IPS, and email security platforms.
  • Execute malware analysis, reverse engineering, and perform DFIR activities as needed.
  • Review, analyze, and correlate logs and alerts from various security tools and systems.
  • Detect and respond to sophisticated threats targeting endpoints, networks, and cloud platforms.
  • Guide and mentor L1 and L2 SOC analysts; lead shifts or manage a small SOC team during incidents.
  • Document incident reports, investigation outcomes, and improvement actions.
  • Collaborate with threat intelligence and vulnerability management teams.

Required Skills & Experience:

  • 5+ years of hands-on experience in Cyber Security and SOC operations.
  • Proven experience responding to L3 escalated incidents and leading investigations.
  • Strong proficiency in SIEM tools (e.g., Splunk, Azure Sentinel).
  • Solid understanding and hands-on experience with EDR tools like CrowdStrike, Carbon Black, Defender, or Tanium.
  • Expertise in malware analysis, reverse engineering, and DFIR (Digital Forensics & Incident Response).
  • Proficient in analyzing logs from endpoints, firewalls, IDS/IPS, and cloud environments.
  • Understanding of common threat vectors (e.g., phishing, malware, web attacks).
  • Experience in a shift lead role or team management capacity in a SOC setting.

Nice to Have:

  • Relevant certifications such as GCIA, GCIH, GCFA, OSCP, CEH, CISSP
  • Experience with cloud security and monitoring (Azure, AWS, GCP)
  • Familiarity with MITRE ATT&CK framework and threat hunting practices
