Job Description

This is a remote position.

The SOC Tier 3 Analyst serves as the senior technical authority within the Security Operations Center and provides advanced incident response, threat hunting, detection engineering, and cyber defense leadership.

This position is responsible for leading investigations involving sophisticated threats, advanced persistent threats, nation-state activity, ransomware campaigns, and complex enterprise compromises. The Tier 3 Analyst develops investigative strategies, identifies root causes, and provides expert guidance during major incidents.

The analyst works closely with incident responders, forensic specialists, engineers, executive leadership, and external partners to coordinate enterprise-level response efforts. The position also drives continuous improvement initiatives across SOC operations, threat detection capabilities, and incident response procedures.

The Tier 3 Analyst frequently mentors junior analysts and serves as the escalation point for the most technically challenging investigations.

The SOC Tier 3is responsible for proactively identifying, investigating, and mitigating advanced cyber threats that may evade traditional security controls.

This position conducts hypothesis-driven threat hunting activities across networks, endpoints, cloud environments, and identity systems to uncover malicious activity before it impacts organizational operations. 

Requirements

Required Skills and Qualifications

Candidates must possess expert-level knowledge of enterprise security operations, attack methodologies, threat intelligence, detection engineering, digital forensics, and incident response.

The candidate should demonstrate extensive experience investigating advanced threats across enterprise environments, cloud platforms, identity systems, and network infrastructures. Strong expertise in threat hunting, malware analysis, adversary emulation, attack chain analysis, and detection development is required.

The position requires exceptional analytical skills and the ability to solve highly complex cybersecurity problems with limited information. Candidates should have deep familiarity with MITRE ATT&CK, cyber kill chain methodologies, threat intelligence frameworks, and enterprise security architectures.

Typical certifications include CISSP, GCFA, GREM, GCTI, GCIA, GCIH, or equivalent advanced cybersecurity certifications.

The candidate must have a minimum of Secrete Clearance . 

Benefits

At Defianx, we believe that great people build great outcomes. We are committed to supporting our employees with a competitive benefits package designed to promote health, professional growth, work-life balance, and long-term career success. Eligible employees have access to medical benefits, paid time off, paid holidays, professional development opportunities, certification support, and flexible work arrangements based on customer and operational requirements.

As a growing cybersecurity company, we invest in our team by fostering a collaborative culture that values continuous learning, innovation, and excellence. Employees are encouraged to expand their technical expertise, pursue industry certifications, contribute to mission-critical initiatives, and grow their careers alongside the company's success. Defianx is committed to creating an environment where talented professionals can thrive while delivering exceptional value to our customers.

Job Tags

Similar Jobs