Saviynt

Saviynt is the leading cloud identity governance platform providing access governance and intelligence solutions for critical applications on Cloud and Enterprise, ensuring operational efficiency, risk reduction, and simplified identity management.

Internet Software & Services
251-1K
Founded 2010
$170M raised

Description

  • Act as the final technical escalation point for complex security incidents originating from L1 and L2 analysts.
  • Lead investigations into high-severity incidents across AWS, Kubernetes clusters, and hybrid environments.
  • Perform advanced forensic analysis across endpoints, cloud workloads, and network telemetry to determine root cause, impact, and remediation steps.
  • Correlate telemetry from SIEM, EDR, CSPM, and cloud-native sources to identify sophisticated attack chains.
  • Design, develop, and maintain automated response playbooks in the SOAR platform.
  • Build and maintain automation scripts in Python, Go, PowerShell, Bash, and similar languages for alert enrichment, evidence collection, and containment.
  • Integrate security platforms through APIs to support streamlined detection and response workflows.
  • Conduct proactive threat hunting across enterprise and cloud environments using intelligence-driven and hypothesis-based methods.
  • Develop and tune SIEM detections, correlation rules, and EDR queries aligned to MITRE ATT&CK and current threat intelligence.
  • Mentor L1 and L2 analysts and maintain SOC documentation such as SOPs, runbooks, and response playbooks.

Requirements

  • Must have been resident in the UK for a minimum of 5 years immediately prior to application.
  • Must be able to obtain and maintain Security Check (SC) level clearance.
  • Must provide original documentation verifying Right to Work in the UK and British citizenship during the initial interview stage.
  • Bachelor’s degree in Computer Science, Cybersecurity, or a related discipline, or equivalent industry experience.
  • Extensive experience in Security Operations with demonstrable time in a senior analyst, threat hunter, or L3 role.
  • Strong hands-on experience in cloud security monitoring and incident response, with AWS experience essential.
  • Proven scripting and automation capability using Python, Go, PowerShell, Bash, or similar tools.
  • Practical experience with SOAR platforms such as CrowdStrike Fusion SOAR and SIEM technologies such as Splunk, QRadar, Microsoft Sentinel, or CrowdStrike Falcon.
  • Deep understanding of EDR tooling, host and network forensics, and detection engineering practices.
  • Strong working knowledge of the MITRE ATT&CK framework and its application in threat detection and hunting.

Benefits

  • Full-time, permanent remote role based in the United Kingdom.
  • Opportunity to work on modern, intelligence-driven SOC operations using AI, automation, and cloud security tooling.
  • Exposure to challenging, high-impact work supporting government-related security environments.
  • Growth and learning opportunities through technically demanding work.
  • Welcoming and positive work environment.
  • Equal opportunity employer status with consideration for all qualified applicants.
