We are looking for a Cyber Security Analyst to join the Security Operations Center (SOC), responsible for security monitoring, incident investigation, and threat detection across enterprise environments. The role plays a key part in identifying, analyzing, and containing cyber threats while improving SOC detection capabilities and processes.
Key Responsibilities
Security Monitoring & Incident Response
- Investigate and respond to medium- to high-severity security incidents across network, endpoint, cloud, and application environments
- Perform deep-dive analysis of alerts, logs, and telemetry to determine root cause and remediation actions
- Coordinate incident response activities with internal teams and stakeholders when required
- Ensure incidents are handled according to SOC playbooks, SLAs, and regulatory requirements
Threat Detection & SIEM Management
- Monitor and analyze security alerts using SIEM platforms
- Tune and optimize detection rules and use cases to reduce false positives and improve detection accuracy
- Contribute to improving SOC processes, runbooks, and playbooks
- Identify opportunities to enhance SOC capabilities through automation, SOAR, and AI-driven solutions
- Provide guidance to junior analysts and support knowledge sharing within the SOC team
- Act as an escalation point for complex investigations
Requirements
- Hands-on experience with SIEM platforms (Splunk, Elasticsearch, Microsoft Sentinel, or Google SecOps)
- Strong understanding of network, endpoint, identity, and cloud security
- Experience analyzing logs from firewalls, EDR, IDS/IPS, operating systems, and cloud platforms
- Familiarity with incident response methodologies and digital forensics fundamentals
- 3-5 years of experience in Cyber Security Operations / SOC / Incident Response
- Experience handling medium- to high-severity incidents independently
- Experience in regulated environments (financial services, government, healthcare) is a plus
This is an initial 12-month contract role (renewable).