Deskripsi pekerjaan SOC Analyst (Layer 3) Dinamika Sistem Integrasi Solusi
About the Role
We are seeking a highly skilled SOC Analyst - Layer 3 (Senior Level) to join our Cyber Security team. This role is critical in leading security forensics, advanced threat detection, incident response, and proactive security operations. As a senior member of the SOC team, you will handle complex security incidents, guide junior analysts, and collaborate with cross-functional teams to strengthen our overall cybersecurity posture.
Key Responsibilities
Act as the final escalation point for security incidents within the SOC.
Conduct advanced threat hunting and forensic investigations across endpoints, networks, and cloud environments.
Develop, tune, and optimize SIEM rules, detection use cases, and response playbooks.
Lead incident response efforts, including containment, eradication, and recovery.
Perform root cause analysis and deliver post-incident reports with actionable recommendations.
Collaborate with threat intelligence teams to correlate indicators of compromise (IOCs), behaviour indicator of compromise (BIOCs) and emerging attack vectors.
Mentor and provide guidance to Tier 1 and Tier 2 SOC analysts.
Assist in the design and implementation of new security monitoring tools and technologies.
Ensure compliance with security frameworks, standards, and policies.
Qualifications
Required:
5+ years of experience in Security Operations, Incident Response, or Digital Forensics.
Deep expertise in network security, endpoint detection & response (EDR), extended detection & response (XDR), malware analysis, and SIEM platforms (e.g., Splunk, QRadar, Sentinel, or equivalent).
Strong knowledge of MITRE ATT&CK framework, threat intelligence, and adversary tactics/techniques.
Experience with packet analysis tools (Wireshark, Zeek), log analysis, and sandboxing technologies.
Hands-on experience with firewalls, IDS/IPS, SOAR platforms, and vulnerability management tools.
Proficiency in scripting languages (Python, PowerShell, Bash) for automation and threat analysis.
Preferred:
Relevant certifications: CSA, ECIH, ECHFI, GCIA, GCFA, GCIH, GNFA, CISSP, OSCP, or equivalent.
Experience in cloud security monitoring (AWS, Azure, GCP).
Previous experience in a 24/7 SOC environment.
