Vacancies at Silensec

The SOC Analyst Level 3 is a senior cybersecurity professional responsible for leading advanced security investigations, threat hunting, incident response, and mentoring SOC Level 1 and Level 2 analysts. This role requires deep expertise in security operations, forensics, threat intelligence, and security tool optimization. The Level 3 analyst also collaborates with stakeholders to improve security posture and incident response processes.

This position involves working within a Managed Security Services Provider (MSSP) environment, managing security operations for multiple clients across various industries. You will ensure compliance with Service Level Agreements (SLAs), develop security strategies, and provide expert-level incident handling and response.

Key Responsibilities:

Incident Handling & Response:

• Lead complex security investigations and incident response activities.
• Perform deep-dive forensic analysis, malware analysis, and reverse engineering of security incidents.
• Manage and coordinate incident containment, eradication, and recovery efforts. Conduct root cause analysis and post-incident reviews to improve defenses.

Threat Hunting & Intelligence:

• Conduct proactive threat hunting activities using SIEM, EDR, and other security tools.
• Develop and test hypotheses for threat scenarios based on the latest cyber threat intelligence.
• Utilize threat intelligence feeds to enhance detection capabilities and improve SOC workflows.

Security Tool Optimization & Automation:

• Fine-tune and configure SOC tools, including SIEM, EDR, IDS/IPS, SOAR, and firewalls for optimal performance.
• Develop and automate security processes using scripting (e.g., Python, PowerShell, Bash) and SOAR platforms.
• Identify gaps in security monitoring and implement improvements to enhance detection and response capabilities.

Collaboration & Escalation:

• Act as the escalation point for complex security incidents that Level 1 and Level 2 analysts cannot resolve.
• Collaborate with security architects, network engineers, and IT teams to enhance security controls.
• Work closely with threat intelligence teams to analyze and respond to emerging threats.

Reporting & Documentation:

• Maintain detailed documentation of security incidents, forensic findings, and response actions.
• Generate executive reports and present security insights to management and stakeholders.
• Improve and develop SOC playbooks, workflows, and best practices.

Security Improvement Initiatives:

• Participate in red team/blue team exercises to enhance security preparedness.
• Conduct training sessions and mentorship programs for Level 1 and Level 2 analysts.
• Drive continuous improvement of SOC processes, policies, and incident response methodologies.

SOC Operations & Shift Management:

• Provide leadership and direction during security incidents and crisis situations.
• Participate in SOC shift rotations, including nights, weekends, and holidays.
• Ensure timely response to security incidents while maintaining high-quality incident resolution.

People Skills:

• Strong leadership skills with experience mentoring and training junior analysts.
• Excellent problem-solving and decision-making abilities in high-pressure situations.
• Ability to communicate complex security concepts to both technical and non technical audiences.
• Collaborative mindset, working effectively across teams and departments.
• Strong analytical, research, and documentation skills.

Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
• 4+ years of experience in security operations, incident response, and cybersecurity analysis.
• Strong understanding of cybersecurity frameworks (MITRE ATT&CK, NIST, ISO 27001).
• Hands-on experience with SIEM, EDR, IDS/IPS, and other security tools.
• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and tool integration.
• Deep knowledge of network security, threat intelligence, digital forensics, and malware analysis.

go to method of application »

We are seeking a skilled and passionate Blue Team Content Creator with hands-on experience working in a Security Operations Center (SOC). The ideal candidate will be responsible for both SOC operations anontent creation, developing immersive defensive exercises within virtual environments.

This role involves simulating real-world threats, designing practical assessments, and creating engaging training content focused on incident response, threat hunting, vulnerability management, and security tooling (SIEM/EDR/IDS).

Key Responsibilities:

• Design attack scenarios mirroring Tactics, Techniques, and Procedures (TTPs) of advanced adversaries.
• Assist in SOC operations as needed and contribute to the enhancement of processes and functions within the SOC.
• Develop and maintain virtual labs with built-in vulnerabilities, logs, and defensive tools (e.g., ELK Stack, Wazuh, Wireshark, Velociraptor).
• Create hands-on exercises and assessments aligned with industry frameworks such as NIST NICE, MITRE ATT&CK, and CIS Controls.
• Develop training material that enhances Blue Team skills, including log analysis, forensics, network monitoring, and security hardening.
• Collaborate with SOC teams, cybersecurity researchers, and instructional designers to ensure engaging and realistic training experiences.
• Stay up to date with emerging threats, security tools, and industry best practices to enhance training content.

Requirements:

• Hands-on experience working in a Security Operations Center (SOC) with a focus on threat detection, response, and mitigation.
• Proven experience in cybersecurity content creation, including cyber labs and threat simulations.
• Strong Blue Team skills, including log analysis, forensic investigation, network monitoring, and system hardening.
• Hands-on experience with security tools, including SIEMs, EDR solutions, IDS/IPS, and forensic utilities.
• Knowledge of adversary TTPs and experience in developing threat simulation exercises.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or related field, or equivalent work experience.
• 2-4 years of experience in a security operations or similar role.
• Familiarity with virtualization technologies (OpenStack, Docker, VMware).
• Experience in malware reverse engineering, digital forensics, or red teaming techniques.
• Background in cybersecurity education/training roles.