SOC Analyst L3

3Columns is a specialist cybersecurity firm that delivers a wide range of services, including security assurance, security governance, professional services, and managed services. Solutions include managed security services, offensive security services, cybersecurity consulting, and professional services to assist customers in deploying all the required controls. The core services delivered by the SOC are Managed Detection and Response and Incident Response.

About the Role:

3Columns is seeking an SOC Lead Investigator / Level 3 analyst to join their team remotely. They will be responsible for expanding the business by delivering outcome-based engagements to various clients and proactively improving the Managed SOC and SIEM capabilities within the organisations they are engaged with. The SOC analyst will work with the team to assist clients in investigating the logs, creating playbooks, and proactively notifying customers. Have experience or understanding of a wide range of technologies such as Office365, InTunes, MS Defender, Rapid7 SIEM, Vulnerability Management, Mimecast, CrowdStrike and SentinelOne to support the business and help drive the success of organisational business strategies. The successful applicant will become integral to each client's cybersecurity strategy, developing strong relationships and becoming a trusted partner within each organisation.

Lead Investigator – SOC Responsibilities:

• Minimum of 7 years of experience
• Must have hands-on experience is investigations related to Malware, Advanced TTP,
• Have experience is detections and dealing with cases related to Ransomware.
• Strong understanding of Windows and Linux System event logs.
• Experience with Threat Hunting and Rule writing.
• Lead and coordinate in-depth investigations into security incidents, ensuring timely and accurate response.
• Act as the primary escalation point for complex and high-impact incidents.
• Provide technical and strategic guidance to Level 2 analysts throughout the investigation lifecycle.
• Review and validate findings from Level 2 investigations, ensuring completeness and quality of analysis.
• Develop and maintain standardised investigation checklists, workflows, and playbooks.
• Conduct regular case reviews and post-incident debriefs to identify gaps and drive continuous improvement.
• Mentor and coach Level 2 analysts to build investigative skills and improve threat detection capabilities.
• Ensure adherence to investigation procedures, evidence handling, and documentation standards.
• Collaborate with Threat Intelligence, Incident Response, and Engineering teams to enrich investigations.
• Recommend and implement improvements in investigation tools, techniques, and processes.
• Track investigation metrics and provide reports to SOC leadership on team performance and incident trends.
• Stay current on threat actor techniques, tools, and procedures (TTPs) to enhance investigation quality.

Please Note: -

To save you time with rejections and save our time, if you do not have experience in SOC, you will be rejected. Candidates, who will apply without any SOC experience just for the sake of applying will be blacklisted for next 10 years.