Security Analyst Level 3

About the role

The Level 3 Security Analyst is a subject‑matter expert responsible for managing threats, handling escalations from L1/L2 teams, and leading investigations to determine root cause and resolution. This role supports the SOC by providing deep technical insight into malware, attack vectors, and network communications.

Key responsibilities

• Manage and disseminate threat information across the organization.
• Respond to, investigate, and resolve incident escalations from L1 and L2 security teams.
• Document root‑cause analysis, metrics, lessons learned, and produce technical after‑action reports.
• Analyze malicious code, attack vectors, and network traffic to identify vulnerabilities.
• Support development and maintenance of tools and techniques for exploiting specific targets.
• Serve as the focal point for critical security events and provide recommendations to SOC management.

Required profile

• 5+ years of technical experience in Information Security, System Administration, or Network Engineering.
• 4‑5 years of dedicated Information Security experience, including 18‑24 months in MDR/SOC/Incident Response.
• Bachelor’s degree in Computer Science, Engineering, IT, Cybersecurity, or related field.
• Relevant certifications such as Security+, CEH, Network+, CISSP, GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, or GIAC Reverse Engineering Malware.

Required skills

• Scripting: PowerShell, Bash/Ksh/Sh, Cisco IOS.sh, JunOS sh/csh, Perl, Tcl, Lua.
• Programming: C, C++, C#, Python, HTML, JavaScript.NET.
• Security tools: Metasploit, vulnerability scanners, Kali Linux, Nmap.
• SIEM platforms: Azure Sentinel, Splunk, LogRhythm, etc.
• IDS/IPS and firewalls: Snort, Cisco, Fortigate, Sourcefire.
• Operating systems: Windows, Unix/Linux.
• Networking: LAN/WAN, TCP/IP, OSI model, protocol security implications.
• Incident response, packet capture/analysis, and security best practices.