
SOC Analyst L3

As a Level 3 SOC Analyst, you act as a senior defender and escalation point within our Security Operations Center (SOC). You will analyze and coordinate security events, actively participate in incident response situations and operate SOC tools to address current threats. In this role, you will mentor junior analysts, lead complex investigations, and drive continuous improvement of SOC processes. You will collaborate closely with the global SOC Team and ensure the timely and effective resolution of advanced security incidents. The role includes participation in an on-call rotation to support critical incident response outside of standard business hours.


We are looking for two (2) qualified candidates to fill this role. If you are interested in joining our growing family, please send your CV with your updated contact information to recruitment@woyn.com.

Key Responsibilities

Advanced Security Monitoring and Incident Handling

  • Manage complex or escalated security incidents, performing advanced triage, correlation and investigation across multiple data sources.

  • Analyze and coordinate security events, ensuring accurate classification and escalation as needed.

  • Validate incident severity, identify root causes, and ensure timely and accurate resolution in line with SLAs.

  • Produce detailed documentation, incident reports, and actionable recommendations to strengthen security controls and response processes.

  • Participate in the SOC on-call duty rotation, responding to high-severity security incidents and escalations as required.

Incident Response Leadership

  • Lead containment, remediation, and follow-up actions during major security incidents.

  • Support post-incident reviews, identify lessons learned, and implement process improvements.

SOC Operations and Process Improvement

  • Review and improve SOC Analyst investigations, triage quality, and runbook adherence.

  • Contribute to refining SOC workflows, escalation paths, and operational standards.

  • Support the enhancement of detection rules, alert logic, and use-case coverage.

Threat Intelligence and Continuous Improvement

  • Stay current with emerging threats, attacker TTPs, vulnerabilities, and cybersecurity trends.

  • Participate in proactive threat-hunting initiatives.

  • Identify visibility gaps and areas for improved detection coverage.

Mentoring and Team Collaboration

  • Guide and support SOC Analysts in investigations, tooling, and best practices.

  • Share knowledge through documentation, internal training, and collaborative problem-solving.

  • Foster a strong, team-oriented SOC culture focused on learning, growth, and continuous improvement.

Desired Qualities

  • Excellent analytical, investigative and problem-solving skills.

  • Clear and structured communication, with strong documentation and reporting skills.

  • Ability to mentor SOC Analysts while contributing positively to a collaborative team environment.

  • Self-motivated, proactive, and able to thrive in a high-pressure, fast-paced environment.

  • Knowledge of the German language would be a plus.

  • Must have the ability to thrive in a multicultural team atmosphere.

  • Should be able to interact with people of various nationalities and levels.

  • Willing to work in shifts.

  • Willing to work on-site in BGC.

Experience and Qualifications Required:

Educational Background:

Bachelor’s Degree in Information Technology, Cybersecurity or equivalent work experience

  • At least 5 years of experience in Cybersecurity Operations.

  • Hands-on experience with key SOC technologies: SIEM, EDR/EPP, SOAR, NDR/IDS/IPS.

  • Experience with Microsoft, SentinelOne, and Palo Alto products and their query languages (KQL, PowerQuery) is an advantage.

  • Experience in the analysis and forensics of Microsoft infrastructures.

  • Solid understanding of incident response, threat intelligence, malware behavior and log analysis.

  • Knowledge of Python for automation and analysis tasks; familiarity with other scripting or programming languages is a plus.
