
SOC Analyst L3

Belgium, Diegem · Job Posted April 05, 2026

Job Description

The primary function of the Tier 3 Analyst is to enhance our security operations capabilities. This role requires deep expertise in SIEM platforms including Splunk, IBM QRadar, Microsoft Defender, Microsoft Sentinel, and Google Chronicle, with a strong focus on playbook development, analytical rule creation, and threat modelling. You will be instrumental in building and optimizing our detection and response strategies.

Job Responsibility

  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
  • Translate threat models into actionable detection use cases and SIEM rules
  • Prioritize detection engineering efforts based on risk and business impact
  • Generate reports and dashboards for stakeholders on security posture and incident trends
  • Work closely with IT, DevOps, and compliance teams to ensure secure system configurations
  • Provide mentorship and guidance to junior analysts and engineers
  • Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports
  • Support the creation of monthly reporting packs as per contractual requirements
  • Create and document robust event and incident management processes, Runbooks & Playbooks
  • Involvement in scoping and standing up new solutions for new opportunities
  • Assisting Pre-Sales team with requirements on new opportunities
  • Demonstrations of SOC tools to clients
  • Continual Service Improvement - Recommendations for change to address incidents or persistent events

Requirements

  • Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment
  • Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
  • Must have a good understanding of network traffic flows and be able to distinguish normal from suspicious activity
  • Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)
  • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
  • Ability to work with minimal levels of supervision
  • Willingness to work in a job that involves 24/7 on call
  • Preferably holds a cyber security certification, e.g. ISC2 CISSP, GIAC, SC-200, Splunk Certified Admin/Power User, IBM QRadar Certified Specialist, Google Chronicle Security Engineer, etc.
  • Experience with the ServiceNow Security suite
  • Experience with Cloud platforms (AWS and/or Microsoft Azure)
  • Excellent knowledge of Microsoft Office products, especially Excel and Word

Similar Jobs for SOC Analyst L3 (8 matching positions)

L3 SOC Analyst

Managed Services Security team are made up of teams that provide remote (offsite...
Location: Ireland, Galway
Salary: Not provided
Company: Hewlett Packard Enterprise
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience desired
  • Generally, 5+ years in SOC, Incident Response, or Threat Analysis roles
  • Strong knowledge & understanding of common attack vectors and threat actor tactics, techniques, and procedures
  • Knowledge of Elastic SIEM is preferred; otherwise, experience with another SIEM tool such as Sentinel, Splunk, QRadar or LogRhythm
  • Relevant industry qualification where applicable
  • Excellent verbal and written communication skills in language to be supported
  • Advanced troubleshooting skills in a technical environment
  • Excellent analytical and problem solving skills
  • Advanced Software and hardware knowledge of computing, storage and peripheral devices
  • Specific knowledge and training with the company's products. Knowledge of multiple product lines (for example, proactive, reactive, storage, enterprise systems, tier 2 or 3 support, etc.)
Job Responsibility
  • Monitor work queues for new escalations from the L1/L2 team
  • Triage cases when there are multiple escalations in the queue
  • Perform deep-dive analysis on escalated cases
  • Use threat intelligence and IOA/IOC data to identify the source and impact of an attack
  • Clearly document your investigations as they progress and regularly add case notes to the case to maintain situational awareness
  • Complete the investigations and recommend remediations for low and medium severity security incidents
  • Initiate a war room for confirmed or suspected critical security incidents and follow the documented incident response plan
  • Complete Post Incident Review (PIR) documentation for all medium and higher severity security incidents
  • Monitor work queues for new cases requiring review
  • Triage case reviews as required
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime

L3 Security Analyst

Join Vodafone’s Cyber Defence Operations Center of Excellence (CDO) and play a p...
Location: United Kingdom, Newbury
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice

Requirements
  • Experienced SOC analyst (Level 2 or above) with at least 4 years in security event analysis and incident response
  • Strong technical knowledge of networking protocols, operating systems (Windows/Linux), and security technologies (SIEM, EDR, IDS/IPS, firewalls, proxies)
  • Hands-on experience with SIEM tuning and SOAR automation
  • Familiarity with frameworks like MITRE ATT&CK and cyber kill chain
  • Knowledge of cloud platforms (Azure, AWS, Google Cloud) and scripting/programming skills
  • Excellent analytical, communication, and collaboration skills, with the ability to explain technical concepts to non-technical audiences
  • Passion for continuous learning and professional development, ideally working toward certifications such as GCIA, GCIH, GCFA, GNFA, CEH, or ECSA
  • A proactive, disciplined approach and the ability to work independently or as part of a team in a fast-paced environment
Job Responsibility
  • Investigate and validate threats using cutting-edge tools
  • Collaborate with global teams on incident investigations
  • Mentor colleagues to uplift skills across the CSOC
  • Fine-tuning SIEM systems and automating response actions
  • Delivering insightful security reports and advisories
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Security Specialist Engineer

At Mobile Financial Services we enable financial inclusion - truly using Technol...
Location: India, Noida
Salary: Not provided
Company: Ericsson
Expiration Date: Until further notice

Requirements
  • Degree in Software Engineering or similar
  • Solid Linux handling knowledge in Kubernetes environment
  • Experience in Cloud/SAAS Operational Security Management, AWS will be preferred
  • Experience in container technologies e.g. Docker/Kubernetes
  • Minimum of 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment
  • Good understanding of SSL/TLS
  • Good understanding of vulnerability assessment and management
  • Good understanding of Public Key Infrastructure
  • Working knowledge of TCP/IP and networking concepts
  • Good understanding of certificate management
Job Responsibility
  • Perform advanced triage and investigation of escalated security incidents from L2 and L3 analysts
  • Conduct threat hunting activities using SIEM, EDR, and network security tools
  • Correlate logs from multiple sources (firewalls, IDS/IPS, endpoints, cloud, email gateways)
  • Develop and fine-tune detection rules and use cases in SIEM platforms
  • Analyze malware behavior and suspicious artifacts
  • Coordinate containment, eradication, and recovery actions during incidents
  • Review risky user behavior (impossible travel, abnormal downloads, privilege escalation)
  • Manage access controls, conditional access policies, and MFA enforcement
  • Security configuration reviews and hardening of cloud resources (VMs, storage, databases, Kubernetes, serverless)
  • Support Cloud Security Posture Management (CSPM) tools by investigating misconfigurations and policy violations
  • Fulltime

Security Consultant L3

We are looking for an experienced security professional for our 24×7 managed sec...
Location: India, Mumbai / New Delhi
Salary: Not provided
Company: Binary Global
Expiration Date: Until further notice

Requirements
  • BE/MCA or University degree
  • At least 6-10 years of experience working in a SOC environment
  • Certifications required – CEH, ECIH/CHFI
  • Knowledge & hands-on experience in the management of IDS/IPS
  • Firewalls, VPN, and other network & security products
  • Experience with Security Information and Event Management (SIEM) tools such as QRadar, ArcSight, LogRhythm or any other tools
  • Creating basic and advanced correlation rules
  • Should have expertise in TCP/IP network traffic and event log analysis
  • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
  • In-depth knowledge of OSI Layers, Internet Protocol, TCP/IP
Job Responsibility
  • Review and analyse security events for quality and possible escalation, and raise the alarm where warranted
  • Follow-up with customers & vendors to resolve open issues
  • Security device administration with respect to tuning and enhancing detection capabilities
  • Handling SOC MDR Operational requirements
  • Review and present security reports and ensure compliance to security policies and SLAs as applicable
  • Perform in-depth analysis of events and logs for detecting malicious applications and network activity, common attack techniques that compromise hosts, detecting and analysing system and network vulnerabilities and continuous process improvement by discovering the root causes of incidents
  • Work to resolve major security incidents in conjunction with respective resolver groups
  • Experience configuring security incident and event management tools including creating event filtering and correlation rules and reports
  • Ability to work with customer and product specialists to weed out false positives and improve the efficiency of the security operations
  • Creation of knowledge base which will be used by SOC analysts for performing their roles
  • Fulltime

Senior Incident Response Analyst

Wrike is seeking an experienced Senior Incident Response Analyst to help safegua...
Location: India, Bangalore
Salary: Not provided
Company: Klaxoon
Expiration Date: Until further notice

Requirements
  • Over 5 years of experience in a Senior Incident Response Analyst/SOC/Cybersecurity or similar security-focused role in a software product company
  • Deep understanding of network fundamentals and a wide range of security threats
  • Exceptional analytical and problem-solving skills, with the ability to think critically under pressure
  • Outstanding communication skills, both written and verbal, with the ability to convey complex concepts to technical and non-technical audiences
  • Hands-on experience with leading security information event management (SIEM) and extended detection and response (XDR) platforms (e.g., Rapid7, Splunk, Wazuh, Microsoft Defender for Endpoint, Crowdstrike)
  • Strong experience in log analysis, event correlation, and incident response
Job Responsibility
  • Lead the monitoring, analysis, and triage of complex security alerts and events, providing expert guidance to junior team members
  • Assess risk and impact of potential incidents, recommending and overseeing appropriate remediation actions
  • Employ a broad range of advanced security tools and technologies to proactively detect and investigate sophisticated cyber threats
  • Collaborate with and mentor other teams, including incident responders, to ensure timely and accurate escalation and resolution of high-priority cases
  • Oversee documentation and reporting of security incidents, ensuring accuracy, clarity, and timely delivery to relevant stakeholders
  • Drive the ongoing development and enhancement of security monitoring and detection capabilities, introducing best practices and automation where appropriate
  • Stay ahead of the latest security trends, emerging vulnerabilities, and best practices, sharing knowledge and recommendations within the team and across the organization
  • Demonstrated experience functioning at an L3 level, serving as the final escalation point for resolving complex security incidents and issues
  • Mentorship of junior/mid senior analysts, ability to share knowledge
What we offer
  • 18 calendar days of paid vacation (12 days of National & Festival holidays (10 fixed, 2 flexible))
  • Sick Leave Compensation (5 Paid Uncertified Sick Days)
  • Menstrual Leave: Twelve (12) days per calendar year. Women employees are eligible for up to 1 day of menstrual leave per month.
  • Parental Leave: 26 Weeks Maternity / 4 Week Paternity
  • 2 Volunteer Days
  • Group Medical Insurance (Employees + Dependents)
  • Term Life Insurance (Rs 50,00,000)
  • Personal Accident Insurance (Rs 50,00,000)
  • Monthly Broadband / Internet Reimbursement (INR 1500)
  • Hybrid Working Model + Complimentary Lunch & Snacks
  • Fulltime

Primary Teacher

Primary Teacher | KS1 or KS2 Specialist | Local Primary Schools Position: Full-...
Location: United Kingdom, Bishop's Stortford
Salary: 140.00 - 233.00 GBP / Day
Company: Randstad
Expiration Date: July 14, 2026

Requirements
  • Qualified Teacher Status (QTS): Mandatory (Early Career Teachers / ECTs are highly encouraged to apply)
  • Adaptable Expertise: A solid understanding of either the KS1 or KS2 framework and a knack for making complex subjects accessible
  • Classroom Management: Excellent skills in maintaining a focused, positive, and high-energy learning environment
  • Compliance: A valid enhanced DBS on the Update Service (or willingness to apply) and a 100% commitment to Safeguarding
Job Responsibility
  • Engaging Curriculum Delivery: Plan and execute high-quality lessons across the National Curriculum, turning standard objectives into 'unforgettable' learning experiences
  • Holistic Nurturing: Create a safe, inclusive classroom 'family' where 30 unique personalities feel respected, motivated, and ready to take risks
  • Progress Monitoring: Use formative and supportive assessments to track student growth, ensuring interventions are timely and effective
  • Community Partnership: Build strong, transparent relationships with parents, carers, and colleagues to support the holistic journey of every pupil
What we offer
  • PAYE
  • Referral Bonus
  • Access to 2026 CPD suite, featuring the latest in Primary Pedagogy, Inclusive Practice, and Leadership Development
  • Support of a dedicated Teaching Assistant
  • Training and education
  • Safeguarding & Prevent
  • Fulltime

Clerk-Reservations

Process all reservation requests, changes, and cancellations received by phone, ...
Location: Georgia, Batumi
Salary: Not provided
Company: Marriott Bonvoy
Expiration Date: Until further notice

Requirements
  • High school diploma or G.E.D. equivalent
  • No related work experience
  • No supervisory experience
  • None
Job Responsibility
  • Process all reservation requests, changes, and cancellations received by phone, fax, or mail
  • Identify guest reservation needs and determine appropriate room type
  • Verify availability of room type and rate
  • Explain guarantee, special rate, and cancellation policies to callers
  • Accommodate and document special requests
  • Answer questions about property facilities/services and room accommodations
  • Follow sales techniques to maximize revenue
  • Input and access data in reservation system
  • Indicate special room reservation types (e.g., complimentary rooms, employee discounts, travel agent inspection rates, and wholesale reservations) by inputting the correct code and rate into the reservation system
  • Follow proper escalation procedures when addressing guest concerns
  • Fulltime

Primary Teaching Assistant

Location: United Kingdom, Bishop's Stortford
Salary: 89.00 - 100.00 GBP / Day
Company: Randstad
Expiration Date: July 14, 2026

Requirements
  • Proactive & Energetic
  • Relevant Experience
  • Academically Confident
  • Committed
  • Ability to track progression in attainment
  • Background in youth work
  • Behaviour management
  • Building relationships
  • Classroom management
  • Communication
Job Responsibility
  • Lead small group interventions
  • Assist the teacher in preparing resources, creating displays, and managing classroom behaviour
  • Assist with the social and emotional development of students
  • Work closely with the Class Teacher to track pupil progress
  • Support the Class Teacher in delivering high-quality lessons
What we offer
  • Weekly Pay
  • Referral Bonus
  • School hours (approx. 8:30 am - 3:30 pm)
  • Training and education
  • Safeguarding