We are looking for a capable, motivated, and deeply technical L3 SOC Analyst (Digital Forensics and Incident Response - DFIR) who enjoys security work, professional development, and proactive security. This position is for an experienced cyber security specialist with a background in digital forensics and incident response.
The L3 SOC Analyst (DFIR) will be responsible for responding to and analysing security incidents, conducting forensic investigations across a complex multi-cloud environment, supporting threat hunting cycles, and taking part in purple team engagements. The L3 SOC Analyst (DFIR) will also be required to attend and host tabletop incident exercises, and to create and maintain response runbooks.
• Security monitoring and incident handling across a complex network
• Use case development of detection analytics
• Attending and participating in threat modelling sessions
• Participate as a member of the C/SIRT to respond to security incidents
• Purple team exercises to identify gaps in detection coverage and drive detection analytics development
• Research current threats and trends affecting the organisation and its customers
• Mentor junior analysts
• Conduct forensic activities including acquisition, analysis, and reporting across Linux, OSX, and Windows systems
• Develop and test incident response playbooks through TTX
• Maintain, develop, and test DFIR tools and techniques