
Reporting: MSS SOC Manager
Location: Southeast Asia (SEA)
Overview
Sekuro is seeking a dedicated and experienced Mid-level Cyber Security Analyst to operate within our global virtual Security Operations Centre (SOC), a 24/7/365 operation. The role involves timely detection of and response to security incidents, as well as conducting exploratory threat hunts, research, and reporting. The ideal candidate is honest, motivated, and driven, with a solid background in threat detection, investigation, threat hunting, and security research. You should be eager to learn, contribute to new processes and playbooks, and thrive in a dynamic, high-pressure environment.
Key Responsibilities
Monitoring & Triage:
o Review and analyse alerts from SIEM platforms (e.g., Splunk, Logscale, Sentinel, or Elastic) in a timely manner.
o Perform initial assessments and triage of security anomalies, escalating issues appropriately or investigating incidents using available resources.
Incident Response & Threat Hunting:
o Execute cloud incident response procedures, with strong working knowledge of AWS and Azure environments and service logs.
o Conduct proactive, indicator-based, and exploratory threat hunting based on current threat intelligence and hypothesis development.
o Perform incident response tasks to mitigate risks and limit potential damage.
Process Improvement & Documentation:
o Review and update detection rules, process documentation, and playbooks.
o Collaborate with other teams to enhance understanding of customer environments and emerging threats.
o Identify deficiencies in monitoring systems and propose improvements.
Intelligence & Reporting:
o Analyse regular intelligence briefs to stay updated on the evolving threat landscape.
o Maintain and update dashboards, reports, and alerting mechanisms to ensure effective monitoring.
o Contribute to continuous service improvements within the SOC.
o Conduct
Skills and Experience
Technical Expertise:
o Proven experience with SIEM platforms such as Splunk, Logscale, Sentinel, or Elastic.
o Strong cloud incident response skills, specifically within AWS and Azure environments.
o Prior experience in engineering, threat detection, and threat hunting.
o Proficiency in scripting (e.g., Python, PowerShell, or similar languages) to automate tasks and analyse data.
o Minimum of 2 years' experience in a Cyber Security Operations Centre.
Certifications (Preferred):
o OSCP, PNPT, EJPT, BTL2, CDSA, or SANS GCIH.
General Competencies:
o Excellent analytical skills and attention to detail.
o Ability to develop solutions to complex problems under pressure.
o Understanding of best practices in network security, security operations, systems security, policy, and incident response.
o Strong communication skills, both written and verbal.
Education:
o Tertiary education in information or cyber security and/or software development is highly desirable.
Why Join Us
At Sekuro, you will work with cutting-edge security technologies in a collaborative environment where your expertise directly contributes to safeguarding critical infrastructures. We offer continuous professional development, certification support, and opportunities for career advancement within our growing SOC team.
Job ID: 145204241