Tier 3 SOC analysts are threat hunters, working proactively to seek out weaknesses and stealthy attackers, conducting penetration tests, and reviewing vulnerability assessments. Some Tier 3 analysts focus more on doing deep dives into datasets to understand what's happening during and after an attack.
- Explores ways to identify relevant stealthy threats using the latest threat intelligence.
- Conducts vulnerability assessments and penetration tests on production systems to validate resiliency and identify areas of weakness to fix.
- Recommends optimization of security monitoring tools based on threat hunting discoveries.
- Provides support to Tier 2 analysts when necessary and on issues escalated from the SOC Manager.
Skills & Qualifications
Similar to a Tier 2 analyst, but with even more experience, including with high-level incidents. Experience with penetration testing tools and cross-organization data visualization. Has specialized knowledge of malware reverse engineering and experience identifying and developing responses to new threats and attack patterns.