SOC Analyst L2 (L3)
A global cybersecurity software company, simplifying the protection of data and applications in private, public, and hybrid cloud environments. Headquartered in the U.S., operating for more than 10 years, with offices in the U.S. and Europe.
We are seeking a mature, confident and driven SOC analyst as the first hire in Singapore to join a global team covering all time zones. Depending on the skill level, the role is for L2 or L3, potentially an L2 eager to move towards L3.
The work environment may be either at home or from a centrally located third-party office.
- Monitor, investigate, analyze, and remediate or escalate indications of compromised or breached systems and applications.
- Work closely with both technical and non-technical customers through the incident response process.
- Promptly respond to inquiries, advising customers on security best practices.
- Advanced use of a large-scale multi-tenant SIEM and SOAR environment.
- Maintain knowledge of current and emerging cyber threats; grow relationships with other incident response professionals, industry partners and vendors.
- Analyze threats for unique indicators of compromise; work with fellow SOC team members to create countermeasures to aid in future prevention and detection of cyber threat activity.
If the candidate is capable of joining as L3, the additional responsibilities are:
- Create, perform, review and deliver Incident Response playbooks and procedures.
- Support the SOC as a subject matter expert in incident response, anomaly detection, orchestration and automation.
- Act as a mentor to other SOC Analysts and Heroes.
- Familiar with industry standard security tools: NIDS/HIDS, NIPS/HIPS, WAF, NGFW, AV, FIM, EDR, SIEM and SOAR.
- Critical thinker who can analyze and identify basic indicators of compromise on hosts and applications.
- 7+ years of direct job-related experience, or a combination of applicable education and experience that meets the requirements of the position.
- Excellent communication (oral and written), interpersonal, organizational, and presentation skills.
- Able to perform basic forensic analysis and live triage of hosts, including examining running processes, network connections, system logs, file system activity, and more for signs of anomalous behavior.
- Ability to be on-call as the escalation point for your team as necessary.
- Prior experience working directly as a security analyst required. Prior incident response experience is required.
- Fluent command of written and spoken English.