SOC Analyst

ST Engineering·Singapore

ST Engineering is hiring a SOC Analyst in Singapore. Posted 2026-04-15; applications close 2026-06-14.

Role details

Cyber Security Analyst – Security Operations Centre (SOC)

We are seeking a motivated and dedicated Cyber Security Analyst to join our 24/7 Security Operations Centre (SOC). The successful candidate will focus on continuous monitoring of security events, initial incident response, and vulnerability management. Ideal candidates have 1–2 years of experience in cybersecurity, a basic understanding of networking and IT domains, and a keen interest in continuous learning and professional growth.

Key Responsibilities

Monitoring & Triage

Continuously monitor security events and alerts using SIEM tools and security technologies. Perform initial triage of incidents and escalate to Tier 2 or Tier 3 analysts as necessary.

Threat Analysis

Conduct basic analysis to identify and mitigate potential security threats and maintain detailed records of all actions taken.

Advisory Management

Review and act upon cyber advisories from government sources. Verify requirements, check internal inventory, and communicate with system owners to confirm tool usage.

Administrative Diligence

Maintain organized SharePoint records and advisory logs to ensure all inquiries are tracked and to prevent redundant work.

Operational Health

Perform regular health checks on SOC systems to ensure they are functioning correctly.

Shift Coordination

Participate in 24/7 shift rotations and manage Handover/Takeover (HOTO) communications to keep the entire team synchronized.

Incident Support

Provide incident response phone support following established SOPs, workflows, and instructions.

Vulnerability Management

Support vulnerability assessments and remediation efforts to improve the organization's security posture.

Professional Development

Stay current with the latest cybersecurity trends, threats, and best practices to support continuous learning.

Qualifications

Educational Background

Relevant certifications such as CISSP, CISM, CEH, CompTIA Security+, or SANS/GIAC are highly preferred.

Experience

  • 1–2 years of experience in cybersecurity, with a primary focus on incident detection and response.
  • Foundational experience working with Security Information and Event Management (SIEM) systems and tools.

Technical Skills

  • Security & Networking: Basic understanding of security technologies, network security principles, and various IT domains.
  • Vulnerability Management: Knowledge of vulnerability assessment, management, and mitigation techniques.
  • Advisory Interpretation: Ability to accurately read, interpret, and act upon cyber advisories from government sources.
  • Scripting & Automation: Knowledge and skills in scripting and automation to streamline security tasks and workflows.
  • Endpoint Security: Experience in managing and securing endpoints against potential threats.

Analytical and Problem-Solving Skills

  • Threat Analysis: Strong analytical skills to effectively identify, assess, and mitigate security threats.
  • Problem Solving: Excellent problem-solving abilities to address and resolve complex security issues.

Communication and Training Skills

  • Communication: Ability to convey complex security information clearly and effectively to diverse stakeholders.
  • Continuous Improvement: Willingness to participate in and conduct training programs to support team development and professional growth.

Adaptability and Continuous Learning

  • Industry Awareness: Strong commitment to staying current with evolving cybersecurity trends and technological advancements.
  • Professional Motivation: High level of motivation to learn, adapt, and grow within the cybersecurity field.

Attention to Detail and Collaborative Skills

  • Attention to Detail: Keen observation skills to detect and identify subtle or sophisticated security threats.
  • Team Collaboration: Ability to work effectively and collaboratively within a team-oriented environment.

Desired Technical Skills

  • SIEM Proficiency: Skilled in utilizing SIEM platforms such as IBM QRadar or Splunk for security event monitoring and log analysis.
  • Network Security: Practical experience with network security technologies, including Fortinet and Palo Alto firewalls.
  • Security Automation: Familiarity with automation tools and orchestration platforms, specifically Palo Alto XSOAR.
  • ITSM Knowledge: Understanding of IT Service Management (ITSM) workflows and tools, such as ServiceNow.
  • System Administration: Foundational knowledge of Windows and Linux operating systems within an enterprise environment.
  • Scripting & Automation: Basic proficiency in scripting to automate repetitive security tasks and improve efficiency.
  • Advisory Interpretation: Ability to comprehend and execute technical actions based on cybersecurity advisories.

Work location: Changi Airport
