Job Description
Position: SOC Security Analyst L3
Location: College Park, Maryland (Remote candidates from the US may be considered)
Schedule:
This position follows a Panama schedule, involving a rotating shift pattern with four teams covering two 12-hour shifts to ensure 24/7 coverage. The work schedule consists of 2 days on, 2 days off, 3 days on, 2 days off, 2 days on, and 3 days off.
Citizenship Requirement:
U.S. Citizenship is required.
### Job Summary
We are looking for passionate and skilled Security Operations Center (SOC) Analysts to join our team and help protect our global customers from ever-evolving cyber threats. In this dynamic role, you will be instrumental in detecting, defending against, and remediating security incidents, playing a key part in minimizing their impact and duration.
As a Level 3 Analyst, you will be the go-to technical expert, providing guidance and support to your teammates. Your deep knowledge of modern attack techniques, intrusion analysis, and incident response will ensure swift and effective handling of threats. You will also serve as a mentor to junior analysts, communicate effectively with clients, and advocate for continuous improvements within our processes and technologies.
### Key Responsibilities
Your main goal as an L3 analyst is to ensure the safety and security of our clients. You will:
- Address active intrusions and escalations from Level 1 and Level 2 analysts, investigating client systems and logs to identify attacker activities.
- Provide clear and comprehensive documentation to ensure clients are informed and know how to respond to threats effectively.
- Monitor and analyze security events and alerts from various sources, including SIEM logs, endpoint logs, and EDR telemetry.
- Research indicators and activities to assess their reputation and identify suspicious attributes.
- Analyze malware, attacker networks, and forensic artifacts, performing complex investigations and managing incident declarations.
- Engage in live response analysis of compromised endpoints, actively hunting for suspicious activities based on curated intelligence.
- Participate in the investigation, resolution, and documentation of security incidents, collaborating closely with our Incident Response teams.
- Contribute to the enhancement of security policies, procedures, and automation.
- Regularly communicate with clients to update them on incidents and assist with remediation efforts.
### Basic Qualifications
People Skills:
- Demonstrated ability to remain composed in high-pressure situations while maintaining professionalism.
- Experience working directly with customers to gather requirements and provide feedback on security services.
- Excellent written and verbal communication skills, with the ability to simplify complex technical topics for diverse audiences.
- Strong teamwork and interpersonal skills, enabling effective collaboration with a globally distributed team.
- Willingness to work in a 24/7 environment, including nights and weekends, as part of a rotating schedule.
Technical Skills:
- Familiarity with SIEM solutions, Cloud App Security tools, and EDR.
- Advanced understanding of network protocols and telemetry.
- Proficiency in analyzing forensic artifacts on Windows and Unix systems.
- Expertise in analyzing logs from endpoints, web services, and authentication systems.
- Experience in detection creation within SIEM/EDR environments.
- Knowledge of modern authentication attacks (e.g., against AD, Entra, OATH) and response strategies.
- Understanding of common attack paths and methodologies, including credential harvesting and ransomware countermeasures.
### Preferred Qualifications
- Experience in intrusion analysis, incident response, digital forensics, or penetration testing.
- 5+ years of hands-on experience in SOC, TOC, or NOC environments.
- Relevant certifications: GCIA and GCIH are required; GCFA, GCFE, CISSP, Security+, Network+, CEH, RHCA, RHCE, MCSA, MCP, or MCSE are preferred.
- Familiarity with tools like Sentinel, Splunk, Microsoft Defender suites, CrowdStrike Falcon, and SentinelOne.
- Basic programming skills in languages such as JavaScript, Python, Lua, Ruby, Go, or Rust.
### Education
A minimum of a bachelor's degree in Information Security, Computer Science, or a related IT field, or equivalent experience.
Employment Type: Full-Time
Salary: $40,000.00 to $140,000.00 per year
Job Tags
Full time, Remote job, Shift work, Night shift, Rotating shift