Job description
Description
As a SecOps Analyst, you will be at the forefront of our organization’s defense against cyber threats. Your primary role will be to detect, monitor, analyze, and respond to security events, leveraging advanced tools and techniques to detect and mitigate risks. This role is instrumental in ensuring the security and resilience of our infrastructure environment by focusing on threat detection, intelligence, and response capabilities.
Responsibilities
Alert Triage & Investigation: Serve as the primary responder for security alerts escalated by our SOAR platform across our SIEM (Splunk) and application logging hubs.
Incident Response: Lead the initial response to security incidents, including containment, alerting, and escalation
Threat Monitoring: Continuously monitor security systems, networks, endpoints, and products using SIEM, and other infosec tools to detect anomalies and threats
Phishing & User Defense: Manage the abuse mailbox, analyze suspicious emails, execute takedowns.
Detection Tuning Loop: Partner directly with the Detection & Automation Engineer to identify False Positives, refine SIEM queries, and suggest logic improvements for SOAR playbooks.
Reporting & Dashboards: Create detailed reports on SOC activities and incidents, and create Infosec dashboards & Metrics
On-Call Rotation: Participate in the rotating on-call schedule to provide escalation support for our NOC during critical off-hours incidents.
Requirements
1-2 years of experience in a SOC, IT, threat analysis, IR, or related role
Familiarity with SIEM tools
Deep understanding of common attack vectors, MITRE ATT&CK framework, and enterprise security tools (EDR, Identity Providers, SASE/Firewalls).
Strong understanding of log collection and analysis data
Familiarity with threat intelligence platforms, IOC feeds, and OSINT techniques
Strong analytical and critical-thinking skills for effective incident analysis
Ability to work independently and collaboratively in a fast-paced environment
Excellent written and verbal communication skills for documentation and reporting in English
Experience operating within a SOAR-driven environment - advantage
Familiarity with investigating cloud-native threats (AWS CloudTrail, IAM anomalies) - advantage
Certification in the cyber security field - an advantage
Is this role relevant for you?