SOC Analyst

Overview

We are seeking a motivated and dedicated Cyber Security Analyst to join our 24/7 Security Operations Centre (SOC). The successful candidate will focus on continuous monitoring of security events, initial incident response, and vulnerability management. Ideal candidates will have 1–2 years of experience in cybersecurity, a basic understanding of networking and IT domains, and a keen interest in continuous learning and professional growth.

Responsibilities

Monitoring & Triage

• Continuously monitor security events and alerts using SIEM tools and security technologies.
• Perform initial triage of incidents and escalate to Tier 2 or Tier 3 analysts as necessary.

Threat Analysis

• Conduct basic analysis to identify and mitigate potential security threats.
• Maintain detailed records of all actions taken.

Advisory Management

• Review and act upon cyber advisories from government sources.
• Verify requirements, check internal inventory, and communicate with system owners to confirm tool usage.

Administrative Diligence

• Maintain organized SharePoint records and advisory logs to track inquiries and prevent redundant work.

Operational Health

• Perform regular health checks on SOC systems to ensure they are functioning correctly.

Shift Coordination

• Participate in 24/7 shift rotations and manage Handover/Takeover (HOTO) communications to keep the team synchronized.

Incident Support

• Provide incident response phone support following established SOPs, workflows, and instructions.

Vulnerability Management

• Support vulnerability assessments and remediation efforts to improve the organization’s security posture.

Professional Development

• Stay current with the latest cybersecurity trends, threats, and best practices to support continuous learning.

Qualifications

Educational Background

• Relevant certifications are highly preferred (e.g., CISSP, CISM, CEH, CompTIA Security+, or SANS/GIAC).

Experience

• 1–2 years of experience in cybersecurity, with a primary focus on incident detection and response.
• Foundational experience working with Security Information and Event Management (SIEM) systems and tools.

Technical Skills

• Security & Networking: Basic understanding of security technologies, network security principles, and various IT domains.
• Vulnerability Management: Knowledge of vulnerability assessment, management, and mitigation techniques.
• Advisory Interpretation: Ability to read, interpret, and act upon cyber advisories from government sources.
• Scripting & Automation: Knowledge and skills in scripting and automation to streamline security tasks and workflows.
• Endpoint Security: Experience in managing and securing endpoints against potential threats.

Analytical & Problem-Solving Skills

• Threat Analysis: Strong analytical skills to identify, assess, and mitigate security threats.
• Problem Solving: Excellent problem-solving abilities to address and resolve complex security issues.

Communication & Training Skills

• Communication: Ability to convey complex security information clearly and effectively to diverse stakeholders.
• Continuous Improvement: Willingness to participate in and conduct training programs to support team development and professional growth.

Adaptability & Continuous Learning

• Industry Awareness: Strong commitment to staying current with evolving cybersecurity trends and technological advancements.
• Professional Motivation: High level of motivation to learn, adapt, and grow within the cybersecurity field.

Attention to Detail & Collaborative Skills

• Attention to Detail: Keen observation skills to detect and identify subtle or sophisticated security threats.
• Team Collaboration: Ability to work effectively and collaboratively within a team-oriented environment.

Desired Technical Skills

• SIEM Proficiency: Proficient in using SIEM platforms such as IBM QRadar or Splunk for security event monitoring and log analysis.
• Network Security: Practical experience with network security technologies, including Fortinet and Palo Alto firewalls.
• Security Automation: Familiarity with automation tools and orchestration platforms, specifically Palo Alto XSOAR.
• ITSM Knowledge: Understanding of IT Service Management (ITSM) workflows and tools, such as ServiceNow.
• System Administration: Foundational knowledge of Windows and Linux operating systems within an enterprise environment.
• Scripting & Automation: Basic proficiency in scripting to automate repetitive security tasks and improve efficiency.
• Advisory Interpretation: Ability to comprehend and execute technical actions based on cybersecurity advisories.

Work location: Changi Airport