Senior SOC Analyst (L3)

Job Description:

Senior SOC Analyst (L3)

Collaborate with Innovative 3Mers Around the World

Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a wide variety of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.

This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

The Impact You Will Make in this Role

The L3 Security Analyst serves as a senior member of the Cyber Defense Organization, responsible for leading complex investigations, responding to high-severity incidents, and mentoring junior analysts. This role requires deep technical expertise, strong analytical skills, and the ability to think like an adversary. The L3 Analyst acts as a bridge between tactical operations and strategic defense, playing a key role in threat detection, incident response, and continuous improvement of security operations.

Key Responsibilities:

Management

• Provide mentorship and technical oversight to L2 analysts and MSSP-led supporting staff, reviewing investigations and guiding escalation decisions.
• Lead incident response efforts for high-severity events, coordinating across teams to ensure effective containment and remediation.
• Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols.
• Participate in hiring, onboarding, and training activities to build a high-performing SOC team.

Technical

• Conduct advanced investigations of security alerts and incidents, including malware analysis, lateral movement, and data exfiltration.
• Perform threat hunting using hypothesis-driven approaches and threat intelligence to uncover hidden threats.
• Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms.
• Analyze attacker TTPs and translate them into actionable detections using frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
• Lead forensic investigations, including memory, disk, and network analysis, to support incident response and legal requirements.
• Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows.

Organizational

• Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders.
• Document investigation findings, incident timelines, and lessons learned in a clear and structured format.
• Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements.
• Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments.
• Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture.

Your Skills and Expertise

To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start)
• Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment

Additional qualifications that could help you succeed even further in this role include:

• Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Carbon Black), and forensic tools.
• Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective.
• Experience with scripting or automation (e.g., Python, PowerShell) is a plus.
• Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks.
• Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable.
• Excellent communication skills, with the ability to convey complex technical issues to both technical and non-technical audiences.

• Senior-level expertise in leading complex investigations and responding to advanced cyber threats
• Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments
• Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors
• Strong understanding of adversary TTPs and frameworks like MITRE ATT&CK and Cyber Kill Chain
• Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC
• Experienced in coordinating incident response efforts and communicating findings to stakeholders
• Committed to continuous improvement of SOC processes, playbooks, and detection capabilities
• Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity

Work location: On site in Austin TX

Travel: May include up to 10% domestic and international

Relocation Assistance: Is Authorized

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being 

3M offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope. 

Chat with Max

For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers

Applicable to US Applicants Only:The expected compensation range for this position is $188,251 - $230,084, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.

Good Faith Posting Date Range 07/16/2025 To 08/15/2025 Or until filled

All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M. This agreement lays out key terms on using 3M Confidential Information and Trade Secrets. It also has provisions discussing conflicts of interest and how inventions are assigned. Employees that are Job Grade 7 or equivalent and above may also have obligations to not compete against 3M or solicit its employees or customers, both during their employment, and for a period after they leave 3M.

Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

Safety is a core value at 3M. All employees are expected to contribute to a strong EHS culture by following safety policies, identifying hazards, and engaging in continuous improvement.

Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/

3M does not discriminate in hiring or employment on the basis of race, color, sex, national origin, religion, age, disability, veteran status, or any other characteristic protected by applicable law.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.