Urgent Requirement || SOC L3 & Incident Response SME (CrowdStrike SIEM) || Remote


Rahul Pandey

11:43 AM (7 hours ago)
to requirementgo...@googlegroups.com

Hello,

This is Rahul from Quantum world Technologies; I am working as a Senior Technical Recruiter at this company. I have a Remote Job Opportunity with one of our clients. Please share your resume if you are interested in the job details given below.

Role- SOC L3 & Incident Response SME (CrowdStrike SIEM)

Location- Remote

Job Description

Role Summary

  • The SOC L3 & Incident Response SME is responsible for advanced threat detection, incident response, and SOC operations using CrowdStrike Falcon (SIEM, EDR/XDR). This role acts as the final escalation point (L3) for complex security incidents, leads investigations, drives containment and remediation, and continuously improves SOC detection and response capabilities.
  • The role requires deep hands‑on expertise in CrowdStrike SIEM, EDR/XDR, threat hunting, IR playbooks, and strong coordination with SOC, IT, cloud, and business stakeholders.

 

Key Responsibilities

SOC L3 Operations (CrowdStrike)

  • Act as L3 escalation point for complex and high‑severity security incidents.
  • Lead advanced investigations using CrowdStrike Falcon SIEM, EDR/XDR, and telemetry.
  • Perform deep analysis of alerts, logs, endpoint behavior, and attacker TTPs.
  • Validate and triage alerts to eliminate false positives and reduce alert fatigue.
  • Mentor L1/L2 analysts and provide technical guidance.

Incident Response & Threat Containment

  • Lead end‑to‑end incident response including: 
    • Detection, analysis, containment, eradication, and recovery
  • Execute response actions using CrowdStrike: 
    • Host isolation
    • Process termination
    • IOC blocking
    • Policy enforcement
  • Coordinate with IT, cloud, and application teams during incidents.
  • Drive post‑incident reviews, root cause analysis, and lessons learned.

 

Reporting, Metrics & Governance

  • Provide incident reports, executive summaries, and RCA documentation.
  • Track and report SOC KPIs including: 
    • MTTD / MTTR
    • Incident severity trends
    • Detection coverage and effectiveness
  • Support audits, tabletop exercises, and compliance reporting.

Collaboration & Stakeholder Management

  • Work closely with: 
    • SOC leadership
    • Threat intelligence teams
    • IT, Cloud, DevOps, and IAM teams
  • Act as a technical SME during major incidents and crisis management calls.
  • Support threat intel sharing and hunting initiatives.

Required Skills & Experience

Core Technical Skills

  • Strong hands‑on experience with CrowdStrike Falcon SIEM and EDR/XDR
  • Proven experience in SOC L3 / Incident Response roles
  • Deep knowledge of: 
    • Endpoint, network, and cloud attack techniques
    • MITRE ATT&CK framework
    • Malware, ransomware, and advanced persistent threats
  • Strong log analysis and investigation skills

Security Operations Experience

  • SIEM detection engineering and tuning
  • Threat hunting and IOC analysis
  • Incident response lifecycle and forensics basics
  • Experience working in 24x7 SOC environments (rotation/on‑call) 

Certifications (Preferred)

  • CrowdStrike certifications
  • GCIA / GCIH / GCED / GCIR
  • CISSP / Security+
  • Incident Response or Threat Hunting certifications

 

Thanks & Regards

Rahul Pandey

rahul....@quantumworldit.com
