We are seeking an experienced SOC Analyst L3 with strong expertise in SIEM and SOAR solutions (FortiSIEM, QRadar, Qualys, or similar platforms). The candidate will be responsible for designing, deploying, managing, and optimizing SIEM/SOAR solutions at our SOC Centre and client locations. This role also includes providing technical leadership, guiding L1 and L2 analysts, managing escalations, and ensuring 24x7 SOC effectiveness. The ideal candidate is hands-on, with strong experience in end-to-end SIEM/SOAR deployment, threat hunting, automation playbooks, and incident response. ⸻ Key Responsibilities • Deployment & Implementation • Design, deploy, configure, and maintain SIEM solutions (FortiSIEM, IBM QRadar, Splunk, Qualys, etc.) at client environments. • Implement and optimize SOAR platforms, create automation playbooks for incident response. • Integrate multiple log sources (firewalls, IDS/IPS, endpoints, cloud, applications, databases, etc.) into SIEM. • Configure custom parsers, correlation rules, dashboards, and alerts based on client use cases. • SOC Operations Leadership • Act as the technical escalation point for L1/L2 SOC analysts. • Provide training and mentorship to SOC teams. • Lead threat hunting and advanced incident response. • Develop and maintain incident handling and escalation procedures. • Perform periodic tuning of SIEM to minimize false positives and improve detection. • Security Monitoring & Incident Response • Conduct real-time monitoring of alerts and incidents. • Lead root cause analysis of security events. • Coordinate with client IT/security teams for containment, eradication, and recovery. • Maintain forensic evidence and reporting for incidents. • Client Engagement • Work closely with client stakeholders to understand security requirements and map SIEM/SOAR solutions accordingly. • Conduct periodic security posture reviews and present improvement reports. • Assist in compliance reporting (PCI-DSS, ISO 27001, GDPR, etc.). • Continuous Improvement • Research and evaluate new threat intelligence, tools, and security technologies. • Enhance SOC processes, playbooks, and knowledge base. • Ensure compliance with cybersecurity frameworks and best practices. ⸻ Technical Requirements • SIEM Solutions: Hands-on deployment, tuning, and management of FortiSIEM, IBM QRadar, Splunk, Qualys VMDR, ELK Stack, or equivalent. • SOAR Platforms: Experience in implementing SOAR playbooks for automated incident handling. • Security Tools Integration: • Firewalls (Fortinet, Palo Alto, Cisco ASA) • IDS/IPS (Snort, Suricata) • Endpoint Security (EDR/XDR solutions) • Cloud Security (AWS Security Hub, Azure Sentinel, GCP Security) • Threat Intelligence feeds integration • Log & Event Management: Strong knowledge of log parsing, correlation rules, dashboards, and custom alerts. • Threat Detection & Response: Experience in threat hunting, malware analysis, forensics, and advanced persistent threat detection. • Vulnerability Management: Familiarity with Qualys/Nessus/Rapid7 integration with SIEM. • Compliance & Frameworks: Understanding of ISO 27001, NIST, SOC 2, PCI-DSS, GDPR requirements. ⸻ Required Skills & Experience • Experience: Minimum 6–8 years in SOC operations, with 3+ years as L3 SOC Analyst/Engineer. • Proven expertise in end-to-end SIEM/SOAR deployment and operations. • Strong understanding of network protocols, operating systems (Windows/Linux), cloud environments, and databases. • Ability to script and automate tasks (Python, PowerShell, Bash). • Excellent incident response, forensic investigation, and threat hunting skills. • Leadership qualities with the ability to manage SOC teams and mentor juniors. • Strong communication and client-handling skills. ⸻ Certifications (Preferred but not mandatory) • SIEM-related: IBM QRadar Certified Specialist / FortiSIEM Specialist / Splunk Certified Architect • Cybersecurity: CEH, CHFI, CompTIA Security+, CySA+, CISSP, CISM, GCIA, GCFA, GCIH • Cloud Security: AWS Security Specialty, Microsoft SC-200, Azure Sentinel Certifications ⸻ What We Offer • Opportunity to work on cutting-edge SOC environments across diverse industries. • Hands-on exposure to FortiSIEM, QRadar, Qualys, and leading SOAR tools. • Leadership role with growth path to SOC Manager/Practice Lead. • Competitive salary & benefits.
Wait!
Before You Leave... Find Your Perfect Job!
Are you sure you don't want to discover the perfect job opportunity? At JobPe, we help you find the best career matches, tailored to your skills and preferences. Don’t miss out on your dream job!