SOC Analyst Level - 3
Visionary Tech ServicesUnited Arab Emirates14 hours ago
Full-timeInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Our client is a leading cybersecurity firm establishing a next-generation Security Operations Center (SOC) to deliver world-class monitoring, detection, and incident response capabilities. Built on advanced analytics, automation, and threat intelligence, this SOC is designed to serve as a central pillar of enterprise defense across diverse digital environments. The company is seeking exceptional security professionals to shape, lead, and evolve this capability into a benchmark for operational excellence and resilience.
We are seeking an experienced SOC Analyst L3 - DFIR Specialist to lead complex security investigations, major incident response, and digital forensic analysis within the Security Operations Center. This senior role is responsible for deep-dive forensic investigations, evidence collection, malware analysis, timeline reconstruction, and providing expert guidance throughout high-severity incidents.
The L3 DFIR Specialist works closely with SOC Analysts, Detection & Automation Engineers, Threat Hunters, and Threat Intelligence teams to identify root causes, reduce dwell time, and strengthen detection capabilities. This role is critical to incident containment, evidence preservation, and ensuring the organisation responds effectively to advanced threats.
Requirements
We are seeking an experienced SOC Analyst L3 - DFIR Specialist to lead complex security investigations, major incident response, and digital forensic analysis within the Security Operations Center. This senior role is responsible for deep-dive forensic investigations, evidence collection, malware analysis, timeline reconstruction, and providing expert guidance throughout high-severity incidents.
The L3 DFIR Specialist works closely with SOC Analysts, Detection & Automation Engineers, Threat Hunters, and Threat Intelligence teams to identify root causes, reduce dwell time, and strengthen detection capabilities. This role is critical to incident containment, evidence preservation, and ensuring the organisation responds effectively to advanced threats.
Requirements
- Act as the primary escalation point for complex or high-severity incidents requiring deep investigation.
- Lead digital forensics across endpoints, servers, cloud workloads, and identity platforms.
- Perform memory, disk, and log forensics using industry-standard forensic tools and methodologies.
- Conduct malware analysis (static and dynamic) to identify behaviors, capabilities, and indicators.
- Develop forensic timelines and detailed incident reports, including root cause analysis.
- Support containment and remediation activities, advising SOC Analysts and engineering teams.
- Collaborate with Detection Engineers to convert forensic findings into engineered detections.
- Provide expert input during threat hunting activities and purple-team exercises.
- Maintain evidence handling and chain-of-custody procedures in line with best practices.
- Mentor L1 and L2 Analysts on investigation techniques, forensics fundamentals, and IR workflows.
- Contribute to incident response playbooks and continuous improvement of DFIR processes.
- 5+ years of experience in incident response, forensics, SOC operations, or cyber investigation roles.
- Hands-on expertise with forensic tools and DFIR methodologies (e.g., KAPE, Velociraptor, FTK, Autopsy, Volatility).
- Strong knowledge of attacker techniques, malware behaviour, persistence mechanisms, and lateral movement.
- Proficiency with SIEM (Microsoft Sentinel preferred) and EDR platforms (Defender, CrowdStrike, Carbon Black).
- Experience performing evidence collection, artefact extraction, and forensic analysis across diverse environments.
- Strong understanding of MITRE ATT&CK, threat actor behaviours, and incident response lifecycles.
- Excellent analytical, investigative, and incident reporting skills.
- Certifications such as GCFA, GCFE, GCIH, CHFI, or equivalent are highly desirable.
- Forensic Tools: KAPE, Velociraptor, FTK, Volatility, Autopsy
- Platforms: Microsoft Sentinel, Defender, CrowdStrike
- Investigations: Malware analysis, artefact extraction, timeline reconstruction
- Frameworks: MITRE ATT&CK, NIST IR
- Processes: Evidence handling, IR lifecycle, chain of custody, RCA
- Lead the forensic and incident response capability within a modern, fast-evolving SOC.
- Work alongside advanced analysts, threat hunters, and engineering teams.
- Influence detection quality, SOC maturity, and organisational resilience.
- Access specialist training, certifications, and career advancement opportunities.
Key Skills
Ranked by relevanceReady to apply?
Join Visionary Tech Services and take your career to the next level!
Application takes less than 5 minutes