L3 Security Operations Centre (SOC) Analyst

L3 SOC Analyst – Remote

Location: Remote (Australia-based)

Employment Type: Full-Time

About the Role

We are looking for an experienced L3 SOC Analyst to join a fast-paced, 24x7 Security Operations Centre. This role is perfect for someone who thrives on ownership of complex security incidents, alert tuning, and ensuring consistent, high-quality incident response across the SOC.

You will be responsible for analyzing and responding to high-severity security events, optimizing SOC processes, and presenting findings to both technical and non-technical stakeholders.

Key Responsibilities

• Investigate and triage critical security alerts from detection to closure, including validation, severity assessment, containment guidance, escalation, and root cause analysis.

Interested in remote work opportunities in IT & Network Engineering? Discover IT & Network Engineering Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Determine true positive vs. false positive alerts using context enrichment, correlation across data sources, and anomaly detection.
• Tune and improve alert rules to reduce noise and improve SOC efficiency; quantify improvements such as alert reduction and MTTR.
• Lead complex security incidents (e.g., ransomware, BEC, insider threats, cloud breaches) with clear decision-making and ownership.
• Communicate major incident findings and risk impact effectively to non-technical stakeholders.
• Develop and improve SOC playbooks and decision trees, ensuring consistency in analyst decision-making.
• Maintain and follow SOPs, conduct peer reviews, and support quality assurance initiatives in the SOC.

About You

• Proven experience as a SOC Analyst (L3) in a 24x7 security operations environment.

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Strong technical expertise in SIEM platforms, EDR, network monitoring, and incident investigation.
• Experience in tuning security alerts and improving SOC processes.
• Able to take ownership of incidents and make operational decisions under pressure.
• Excellent communication skills with the ability to present technical issues to non-technical stakeholders.
• Familiarity with developing and improving SOC playbooks and SOPs.
• Strong analytical mindset with attention to detail and process adherence.

Why Join

• Fully remote role with a collaborative SOC team.
• Opportunity to work on complex, high-impact security incidents.
• Grow your technical and leadership skills in a mature SOC environment