As a Cybersecurity SOC (Security Operations Center) Operations Analyst, you will be responsible for monitoring, detecting, and responding to security incidents within the organization's IT environment. You will play a crucial role in maintaining the security posture of the organization by identifying and mitigating potential threats and vulnerabilities. This position requires a strong understanding of cybersecurity principles, technologies, and incident response procedures. Additionally, as a senior-level analyst, you should be able to independently take ownership of all aspects of cyber operations functions with minimal guidance from your manager.
JOB RESPONSIBILITIES:
1. Security Monitoring and Incident Detection:
Monitor security alerts, logs, and event data from various sources, such as SIEM (Security Information and Event Management) systems, intrusion detection systems (IDS), and firewalls, to identify potential security incidents.
Analyze network traffic, system logs, and other relevant data to detect unauthorized access attempts, malware infections, or other suspicious activities.
Investigate and triage security events, classify incidents, and escalate critical issues to the appropriate teams for further analysis and response.
Analyze user reported emails.
2. Initial Incident Response and Investigation:
Respond to security incidents in a timely and effective manner, following established incident response procedures and playbooks.
Conduct detailed analysis and investigation of security incidents, determining the root cause, extent of compromise, and impact on the organization's systems and data.
Collaborate with incident response teams to contain and mitigate security incidents, minimize the impact, and restore normal operations.
3. Threat Intelligence and Research:
Stay updated on the latest cybersecurity threats, vulnerabilities, and attack techniques through research, threat intelligence feeds, and industry reports.
Analyze threat intelligence data to identify emerging threats, indicators of compromise (IOCs), and potential vulnerabilities that may affect the organization's systems.
Leverage threat intelligence insights to proactively improve security controls, detect advanced threats, and strengthen the organization's security posture.
4. Security Incident Reporting and Documentation:
Prepare accurate and comprehensive incident reports, documenting incident details, analysis findings, response actions taken, and recommended improvements.
Maintain incident documentation, including evidence logs, incident timelines, and any other relevant information required for compliance and auditing purposes.
Collaborate with stakeholders to communicate incident updates, impact assessments, and recommended remediation strategies.
5. Thought leadership:
Lead relevant projects and act as a resource for colleagues with less experience
6. Other task:
Handle internal tickets under Cybersecurity responsibility.
Read and follow the Underwriters Laboratories Code of Conduct and follow all physical and digital security practices.
1-2+ years' experience working in security operations center
College degree preferred
Experience working with end point protection tools, case management/ticketing tools.
Strong understanding and usage of SIEM, EDR, O365 Ecosystem & Ticketing system.
Ability to document and create runbooks and generate reports
At least one relevant security certifications highly required
The schedule may change based on team requirements and operational needs.
Perform other duties as directed
Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.