This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
We are seeking an experienced Cyber Security Level 3 Analyst to play a critical role within the Cyber Security Operations Centre (CSOC). This role focuses on advanced security alert investigation, threat analysis, and incident triage across enterprise environments, including cloud platforms. The individual will act as a technical subject matter expert, mentor team members, contribute to automation and process stabilisation, and support continuous improvement of detection capabilities to ensure secure and seamless business operations.
Job Responsibility
Lead Level 3 investigation, analysis and triage of complex security alerts and incidents across SIEM platforms
Act as the primary technical subject matter expert for security alert investigation within the CSOC
Drive automation initiatives, alert fine-tuning, and process stabilisation to reduce operational effort and risk
Participate in daily stand-ups and actively lead incident investigations
Collaborate closely with onshore teams to optimise alert volumes and improve detection accuracy
Create and maintain SOPs, KEDB entries, playbooks, process and procedure documentation
Build and sustain a strong knowledge base by authoring and reviewing KB articles
Produce daily and management-level reports on alert trends, investigations and operational challenges
Mentor and guide new team members, fostering a culture of learning and knowledge sharing
Conduct brown-bag sessions to enhance team capability and awareness
Coordinate with Local Market CSIRT teams on ongoing cases to ensure customer experience remains a top priority
Lead by example through strong analytical thinking, judgement and collaborative leadership
Requirements
8+ years in SOC operations, SIEM monitoring, event analysis and incident management
Comfortable operating at Level 3 or senior Level 2 within large, complex organisations
Skilled in SIEM platforms such as ArcSight, Splunk, QRadar, LogRhythm or similar technologies
Knowledgeable in security event correlation logic, log analysis, and threat investigation techniques
Confident in networking and core security concepts across on‑premise and cloud environments
Experienced in creating playbooks, SOPs and process documentation
Proactive in learning about emerging cyber threats and defensive techniques
Certified with industry-recognised credentials such as CISSP or CISM (SANS certification is advantageous)
Able to communicate clearly and effectively with technical and non-technical stakeholders
Known for integrity, self-motivation, cultural sensitivity and strong interpersonal skills
Experienced in supporting global customers and working across distributed teams.
Nice to have
SANS certification
What we offer
Exposure to advanced cyber defence operations within a global telecom environment
Opportunities to influence detection strategy, automation and operational maturity
Collaboration with global CSOC and CSIRT teams across multiple markets
A platform to develop leadership, mentoring and technical specialisation skills
A supportive environment that values continuous learning and knowledge sharing