Role Overview
The L3 Threat Analyst leads complex incident response and advanced threat investigations , owning incidents end-to-end while guiding L1/L2 analysts. This role combines deep technical expertise, adversary understanding, and detection engineering to strengthen the organization’s overall security posture.
Key Responsibilities
Advanced Incident Response Leadership
Lead high-severity and complex incident s (multi-stage attacks, APTs, lateral movement, data exfiltration)
Own end-to-end response: detection → investigation → containment → eradication → recovery
Act as the technical decision-make r during active incidents
Deep Threat Investigation
Perform advanced analysis across.
Endpoint telemetry, memory artifacts, disk forensics
Network traffic (PCAP, NDR)
Identity and cloud logs
Reconstruct full attack chains and identif y root cause + blast radius
Handl e fileless malware, living-off-the-land (Lot L), and stealthy persistence techniques...