A leading organization is seeking an experienced
Senior Security Analyst to join its Security Operations Centre (SOC) team in the Philippines. This role combines hands-on cybersecurity operations with shift leadership responsibilities, ensuring effective monitoring, triage, and response to security events in a 24/7 environment.
The successful candidate will act as a shift lead, overseeing daily SOC activities, supporting junior analysts, and ensuring timely escalation and resolution of security incidents.
Key Responsibilities
SOC Operations & Incident Handling
- Monitor and investigate security alerts using a range of tools (e.g., SIEM, email security platforms, endpoint detection and response, and cloud security solutions)
- Perform initial triage and analysis of security events using logs and alerts from multiple sources
- Escalate complex or high-risk incidents to higher-tier analysts or incident response teams
- Provide initial findings and recommendations to support deeper investigation and remediation
- Identify and help suppress false positives while highlighting genuine threats
Shift Leadership
- Act as the designated shift lead for SOC operations
- Coordinate and oversee the activities of analysts during assigned shifts
- Provide guidance, direction, and support to ensure adherence to processes and procedures
- Facilitate effective communication within the team to maintain operational efficiency
- Ensure proper incident handling, documentation, and escalation during the shift
Threat Intelligence & Reporting
- Support basic threat intelligence activities, including research and analysis of emerging threats
- Gather and analyze data from multiple sources to identify risks and vulnerabilities
- Prepare reports summarizing findings, trends, and recommendations
- Contribute insights on the effectiveness of security tools, processes, and incident response practices
Additional Responsibilities
- Participate in ongoing security initiatives, projects, and process improvements
- Perform ad-hoc tasks aligned with team objectives and organizational priorities
Required Qualifications
Education
- Degree in Cybersecurity, Information Technology, or a related field, or equivalent practical experience
Experience
- At least 3 years of experience in a Security Operations Centre (SOC) or similar environment
- Proven hands-on experience with:
- Security monitoring tools (e.g., SIEM, EDR, email security, cloud security tools)
- Incident detection, triage, and response processes
- Threat analysis and investigation
- Experience in leading or managing a team, preferably within a SOC or cybersecurity function
- Demonstrated ability to coordinate team activities and support shift-based operations
Preferred Qualifications
- Industry certifications such as CISSP, CISM, or CEH are advantageous
Technical Knowledge
- Understanding of attacker techniques, tactics, and procedures (TTPs)
- Familiarity with threat intelligence practices and tools
- Knowledge of security frameworks, standards, and regulatory considerations
- Experience working with SIEM platforms and log analysis
Skills & Competencies
- Strong leadership and team coordination skills
- Ability to make sound decisions in high-pressure situations
- Solid analytical and problem-solving capabilities
- Effective communication and collaboration skills
- Proficiency in security tools and incident response workflows
- Ability to manage shift-based responsibilities in a 24/7 environment
Work Environment
- Operates within a 24/7 Security Operations Centre setup
- Requires participation in shift rotations, including leadership responsibilities during assigned shifts
Mandatory Requirements (Non-Negotiable)
- Hands-on experience using multiple security tools (e.g., SIEM, email triage, cloud security, EDR) to investigate suspicious activities
- Minimum of 3 years of SOC or equivalent experience
- Strong background in security monitoring, incident response, and threat analysis
- Prior experience in leading or managing a team within a SOC or cybersecurity environment
