Tier 3 Cyber Security Analyst

Coordinate and guide Tier 1 & 2 analysts while ensuring the quality of their results meets the required standards. As a Tier 3 Cyber Security Analyst, you act as a subject-matter expert in DFIR and translate complex security telemetry into actionable insights. You maintain oversight in high-pressure situations and use your attacker's mindset to resolve intricate security questions.

Practical examples

• Quality control on incident reports.
• Advising analysts from your subject-matter expertise.
• Trend analysis on alerts.

Facts & figures

• 36 hours per week.
• 1 state-of-the-art SIEM platform.
• More than 49,000 Rabobank colleagues around the world.

Top 3 responsibilities

• Executing tuning or suppression of incidents and creating detections based on threat intelligence, ensuring continuous improvement of monitoring quality.
• Serving as the trusted technical authority during high-stakes incidents, providing clarity and direction to ensure fast and coordinated response.
• Conveying incident knowledge and technical findings to produce structured, clear, and actionable incident reports for both technical and non-technical stakeholders. As part of the SOC, you dive deep into complex security questions, validate threat hypotheses, and support analysts in developing stronger detection logic. You help shape the overall threat-hunting approach while contributing to continuous improvements in incident response readiness.

• 6+ years of experience in Digital Forensics & Incident Response, including hands-on log analysis.
• Technical authority in querying and analyzing logs to unravel a cyberattack, combined with experience using SIEM tooling.
• Relevant certifications such as OSCP, GEIR, GREM, GDAT or CISSP.
• Enjoy working together and coaching others to improve themselves.
• Creativity - think like an attacker.
• Judgment & decision-making - dare to take action where needed.

• Salary: Gross monthly salary between EUR 5,876 and EUR 10,074 (scale 10) for a 40-hour work week.
• Extras: a thirteenth month, 8% holiday allowance, and a 10% Employee Benefit Budget.
• Development budget: EUR 1,400 development budget per year for your growth and development.
• Hybrid working: a balance between home and office work (possible for most roles).
• Pension: decide for yourself the amount of your personal contribution.

Calculate your salary right away? Use our Or view all our benefits.

Making impact by assessing and responding to security alerts that indicate a risk for Rabobank.

Together we achieve more than alone We believe in the power of difference. Bringing together people's unique perspectives makes us a better bank. We are curious to learn what you will bring to our Security Operations team. 'The SOC is a group of open-minded people with different backgrounds that are united by their passion for cyber security and their drive to solve complex cases. There's a real team spirit when responding to incidents and performing investigations together on a daily basis.' Connor Dillon, Product Owner. The 30 people in Security Operations (SOC) deliver security monitoring, incident response, digital forensics and threat-hunting services. Working together is the way we work; as 1 analytical team within Rabobank. Our team thrives on collaboration, continuous learning and a shared mission to keep Rabobank secure. Why Rabobank is a place for everyone At Rabobank, we believe we become stronger by embracing people who complement each other. Because we welcome differences, we bring out the best in each other. We seek diversity in expertise, skills, background and culture. Every department strives for inclusivity and the space for you to be yourself.