SOC L3 Security Analyst

About Atos Group

Atos Group is a global leader in digital transformation with c. 56,000 employees and annual revenue of c. €7.2 billion (at the go-forward perimeter), operating in 54 countries under two brands - Atos for services and Eviden for products and systems. European number one in cybersecurity and a leader in cloud, Atos Group is committed to a secure and decarbonized future and provides tailored AI-powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE (Societas Europaea) operates. Atos SE listed on Euronext Paris.

The purpose of Atos Group is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

The SOC L3 Security Analyst is responsible for handling advanced security incidents, threat hunting, detection engineering, malware analysis, and improving the overall security monitoring capability of the organization. This role acts as the highest technical escalation point for SOC investigations and supports incident response, security automation, and proactive threat detection. Key Responsibilities Perform advanced investigation of complex security incidents and cyber threats. Lead threat hunting activities using SIEM, EDR, NDR, and threat intelligence platforms. Conduct root cause analysis (RCA) for security incidents. Develop and fine-tune detection rules, use cases, and correlation logic in SIEM. Analyze malware, phishing, ransomware, and advanced persistent threats (APT). Support incident containment, eradication, and recovery activities. Perform digital forensics and log analysis across multiple security platforms. Create and improve SOC runbooks, playbooks, and SOPs. Integrate threat intelligence feeds and map detections with MITRE ATT&CK. Automate repetitive SOC tasks using SOAR / scripting (Python, PowerShell, Bash). Mentor SOC L1/L2 analysts and act as technical escalation lead. Work with IT, network, cloud, and security engineering teams on remediation. Prepare incident reports, dashboards, and security recommendations for management. Required Technical Skills Strong hands-on experience in SIEM: Splunk, QRadar, Microsoft Sentinel, ArcSight Experience in EDR/XDR: CrowdStrike, Defender, SentinelOne Knowledge of NDR: ExtraHop, Darktrace, Corelight, Vectra Threat Hunting & Detection Engineering Incident Response & Digital Forensics Malware Analysis / IOC / IOA investigation MITRE ATT&CK Framework Threat Intelligence Platforms (MISP, OTX, VirusTotal, Recorded Future) Cloud Security monitoring (AWS / Azure / GCP) SOAR tools (XSOAR, Splunk SOAR, Sentinel Logic Apps) Scripting: Python / PowerShell / Bash Firewall / IDS / IPS / WAF / Proxy log analysis Strong knowledge of TCP/IP, DNS, Active Directory, Windows & Linux security

Here at Atos, diversity and inclusion are embedded in our DNA. Read more about our commitment to a fair work environment for all.

Atos is a recognized leader in its industry across Environment, Social and Governance (ESG) criteria. Find out more on our CSR commitment.

Choose your future. Choose Atos.