Pay Growth
?
out of 5
Not enough data
Not enough info to score pay or growth
SOC Tier 3 Analyst
Job
OREGON EMPLOYMENT DEPARTMENT
Portland, OR (In Person)
Full-Time
Review key factors to help you decide if the role fits your goals.
Job Security
?
out of 5
Not enough data
Calculating job security score...
Total Score
83
out of 100
Average of individual scores
Skill Insights
Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
Job Listing ID:
4495550Job Title:
SOC Tier 3 AnalystApplication Deadline:
06/20/2026Job Location:
PortlandDate Posted:
05/20/2026Hours Worked Per Week:
40Shift:
Day ShiftDuration of Job:
Full Time, more than 6 months SR You may contact this employer directly. (Obtain the contact information to print or add to your jobs.) Obtain Contact Information Job Summary Everforth ECS is seeking a SOC Tier 3 Analyst to work in our Portland, OR office.Please Note:
This position is contingent upon contract award. The SOC Analyst 3 supports the organization's security operations by leading complex incident analysis, validating advanced investigative findings, coordinating technical response actions, improving detection effectiveness, and mentoring lower-tier analysts. This role is the senior technical analysis and escalation tier within the SOC Analyst role family. The ideal candidate has advanced SOC, incident response, and detection-analysis experience; understands adversary tradecraft and enterprise security architecture; and can coordinate complex technical investigations while partnering with SOC leadership, threat hunting, threat intelligence, forensics, Splunk engineering, security engineering, and program stakeholders. Key Responsibilities Advanced Incident Analysis & Escalation Leadership- Lead analysis of complex, high-impact, multi-stage, or ambiguous security incidents across enterprise systems, cloud environments, identity platforms, endpoints, networks, and applications.
- Validate incident severity, scope, attack path, affected assets, affected accounts, likely root cause, and potential operational or business impact.
- Review and resolve escalated findings from SOC Analyst 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges.
- Provide technical facts, risk context, and recommended response priorities to SOC leadership for major incident handling and stakeholder communication. Technical Response Coordination
- Coordinate complex containment, eradication, and recovery support with Security Engineer, Senior Engineer, system owners, incident responders, and other technical teams.
- Define evidence collection requirements and coordinate handoff to Forensics Lead or Forensics Mid when formal acquisition, preservation, chain of custody, or deep forensic analysis is required .
- Guide investigation strategy, timeline development, technical response sequencing, and escalation decisions for complex incidents.
- Maintain alignment with approved incident response plans, playbooks, evidence-handling expectations, and leadership direction. Detection Effectiveness & Analytic Improvement
- Analyze adversary behaviors, attack patterns, vulnerabilities, threat intelligence, control gaps, and recurring incident trends to improve detection and response effectiveness.
- Define analytic requirements and validate correlation rules, alert logic, dashboards, use cases, and response playbooks for operational effectiveness.