
L3 SOC Analyst / Incident Response Analyst

External
ProArch · Hyderabad, India
Full-time · Remote · 1w ago
About the role

About ProArch

At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development. We're 400+ team members strong across 3 countries (we call ourselves ProArchians), and here's what connects us all:
- A love for solving real business problems
- A belief in doing what's right

What's it like to work here?

You'll keep growing. You'll work alongside domain experts who love to share what they know. You'll be supported, heard, and trusted to make an impact. You'll take on projects that touch industries, communities, and lives. You'll have the time to focus on what matters most in your life outside of work.

At ProArch, you'll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business-critical systems, or supporting cloud migrations and infrastructure modernization. Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You'll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure, solving complex problems with creativity, precision, and purpose. You'll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.

About Position

At ProArch, a leader in IT security consulting with presence in the US, UK, and India, we are looking for a skilled L3 SOC Analyst / Incident Response Analyst to join our Security Operations Center (SOC) team. In this critical role, you will be responsible for advanced incident detection, investigation, and response to complex cybersecurity threats. Leveraging your extensive experience and expertise, you will lead incident response activities, perform deep-dive analysis, and coordinate with cross-functional teams to mitigate risks and strengthen our security posture. If you thrive in a dynamic, fast-paced environment and are passionate about defending organizations against sophisticated cyber threats, this position is ideal for you.

Role Summary

ProArch is seeking a highly skilled and technically strong L3 SOC Analyst / Incident Response Analyst to operate within a Managed Security Services Provider (MSSP) environment, supporting multiple customer environments across diverse industries. This role is heavily focused on:
- Incident Response
- Threat Investigation
- Detection Engineering
- DFIR Operations
- SOC Automation
- Threat Hunting
- Security Platform Engineering
- Response Workflow Optimization

The ideal candidate combines strong incident response expertise, deep Microsoft security platform knowledge, hands-on detection engineering capability, and SOC automation experience within a fast-paced MSSP environment. This is not a traditional alert-monitoring SOC Analyst role. The position requires strong investigative, analytical, and response-oriented cybersecurity capabilities.

Key Responsibilities

1. Incident Response & Threat Investigation
- Lead and support advanced security incident investigations across multiple customer environments
- Perform:
  - Threat triage and validation
  - IOC analysis and threat correlation
  - Endpoint and identity investigations
  - Email security investigations
  - Cloud security incident analysis
  - Root cause analysis
- Investigate and respond to:
  - Account compromise incidents
  - Business Email Compromise (BEC)
  - Malware and ransomware activity
  - Privilege escalation
  - Lateral movement activity
  - Suspicious cloud and identity-based attacks
  - Advanced phishing and social engineering campaigns
- Coordinate containment, remediation, and recovery activities with customer and internal teams
- Support high-severity incident escalation handling and response coordination
- Provide detailed investigation findings, timelines, impact assessments, and response recommendations
- Conduct proactive threat hunting and threat validation activities where required
- Support digital forensics and evidence collection activities when applicable

2. Detection Engineering & SIEM Operations
- Design, develop, and maintain advanced detection rules across:
  - Microsoft Sentinel
  - Microsoft Defender XDR
- Develop and optimize:
  - KQL queries
  - Analytics rules
  - Correlation logic
  - Detection use cases
- Perform:
  - Detection tuning
  - False positive reduction
  - Behavioral baselining
  - Threat-based detection improvements
- Build and maintain reusable detection content and query libraries
- Support proactive detection engineering initiatives aligned with emerging threats and attacker techniques
- Leverage threat intelligence and MITRE ATT&CK mapping to improve detection coverage

3. SOC Automation & SOAR Engineering
- Design and implement SOC automation workflows using:
  - Microsoft Sentinel Playbooks
  - Logic Apps
  - SOAR platforms
  - API-driven integrations