About the Role

BDO IT Consulting is seeking an experienced Cyber Security professional to join its growing Cyber Security team within the Cyber Threat Management (CTM) practice. This role operates as a Level 3 SOC Analyst and serves as the primary escalation point for complex and high-priority security incidents within a 24x7x365 Managed Detection and Response (MDR) environment.

The successful candidate will lead advanced incident investigations, improve detection capabilities, mentor junior analysts, and contribute to the continuous evolution of SOC operations, threat intelligence, and response maturity.

Key Responsibilities

• Act as the escalation authority for complex and high-priority security incidents, performing deep technical investigations and troubleshooting
• Lead incident response activities and provide expert-level analysis and recommendations
• Develop, refine, and maintain detection and response playbooks to improve SOC efficiency and effectiveness
• Tune SIEM/EDR detection rules and response workflows to adapt to emerging threats and client environments
• Oversee and enhance threat intelligence collection, analysis, and operational integration
• Lead mentorship, coaching, and training for junior SOC analysts
• Present technical findings, incident reports, and risk assessments to both technical and executive stakeholders
• Identify gaps in detection coverage, data ingestion, and security monitoring and propose improvements
• Support continuous improvement of MDR services and SOC processes
• Contribute to threat modelling and defensive strategy development for clients
• Collaborate with clients to communicate security risks and remediation guidance

Qualifications and Experience

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience)
• 4+ years of experience in a Security Operations Center (SOC) or IT operations environment
• Strong experience in incident response, threat detection, and security monitoring
• Hands-on experience with SIEM and EDR platforms (e.g., Microsoft Sentinel, Splunk, Microsoft Defender for Endpoint, CrowdStrike)
• Experience using SOAR tools and automated response workflows
• Strong understanding of cloud and on-prem security environments
• Experience handling end-to-end incident lifecycle (detection, investigation, escalation, remediation)
• Familiarity with cyber security frameworks and best practices
• Experience presenting technical findings to technical and non-technical stakeholders
• Exposure to threat hunting, vulnerability management, or offensive security practices

Preferred Certifications

One or more of the following:

• Microsoft Security Operations Analyst
• Microsoft Azure Fundamentals / Azure Security Engineer
• AWS Technical Essentials
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• SANS certifications (GCIH, GCIA, GSEC, etc.)

Skills and Competencies

• Strong analytical and critical thinking skills
• High attention to detail in security investigations
• Strong communication and stakeholder management abilities
• Ability to lead and mentor junior team members
• Strong understanding of threat intelligence and attack methodologies
• Ability to work in high-pressure, 24/7 operational environments
• Continuous improvement mindset for security operations and detection engineering
• Strong documentation and reporting skills
• Collaborative and team-oriented approach