Title:  Senior SOC Analyst

Core Responsibilities

1. Leadership, Responsibility & Team Development

• Lead Tier 1 and Tier 2 analysts with strong technical and professional guidance.
• Demonstrate a positive, accountable attitude — taking ownership of SOC operational stability and integrity.
• Conduct training sessions and coaching to uplift team competency.
• Plan and track annual certification roadmaps for Tier 1 and Tier 2 analysts.

2. Threat Hunting & Advanced Incident Analysis

• Perform proactive threat hunting to discover unknown vulnerabilities and eliminate security gaps.
• Analyze and classify incidents based on identified attack vectors and their potential impact.
• Review all Tier 1 and Tier 2 escalations and provide daily updates to the SOC Manager and Head of SOC.
• Continuously improve SOC documentation, workflows, and operational processes.

3. SIEM/SOAR/Ticketing & Incident Response

• Oversee SIEM operations to ensure effective log correlation, alert management, and tuning.
• Manage and optimize SOAR automation workflows to improve operational efficiency.
• Ensure proper tracking, documentation, and timely closure of tickets.
• Lead complex IR engagements, coordinating with internal and external stakeholders.

4. False Positive Management

• Collaborate with Tier 2 analysts to validate false positives with evidence and investigation.
• Work with the Threat Detection Team to drive FP reduction across all MSSP customers.
• Ensure consistent execution of FP reduction strategies across all clients.

5. Threat Intelligence & Information Sharing

• Review and disseminate relevant cyber threat intelligence to all analysts.
• Keep the SOC team informed on emerging threats, TTPs, and industry developments.

6. Operational Excellence & Continuous Improvement

• Maintain oversight of SOC processes to ensure compliance, consistency, and operational integrity.
• Proactively identify gaps and recommend improvements to enhance detection and response capability.
• Track operational activities and provide daily updates to SOC leadership.
• Champion a culture of responsibility, proactiveness, and continuous improvement within the SOC.

Requirements

Essential Experience & Skills

• Extensive SOC operational experience, including threat hunting and advanced incident analysis.
• Strong technical understanding of SIEMs, threat intel platforms, and core security tools.
• Hands-on experience with SIEM/SOAR, IR workflows, and MSSP operational processes.
• Proven leadership experience, mentoring, and developing SOC talent.
• Excellent communication, documentation, and organizational skills.
• Ability to remain calm and effective during high-pressure security incidents.
• Strong analytical and problem‑solving mindset.
• Positive attitude, strong sense of ownership, and willingness to drive operational excellence.

Preferred Technical Experience

• Google Security Operations (GoogleSecOps) platform experience (highly preferred).
• Experience with Fortinet security technologies.
• Experience with Cloudflare security services.

Professional Development & Certifications

• Minimum: ECIH, GCIH, or equivalent incident handling certification.
• Preferred: CISSP, CISM, GCFA, OSCP, or other advanced certifications.
• Commitment to continuous learning and staying updated with current cybersecurity trends.
• Strong adherence to SOC playbooks, SOPs, and compliance requirements.

Work Environment & Schedule

• Primary work arrangement: Standard office hours.
• Must be willing to support shift operations during High Severity (SEV) incidents, which may include:
  • Working on-shift during critical incidents, or
  • Being on standby to provide support as needed.
• Ability to support after-hours operations when required.

Work Location: Ang Mo Kio.