Tier3 SOC Analyst (DSC/JH) - #1097275

ST Engineering


Date: 1 day ago
District: Ang Mo Kio
Contract type: Full time
Work schedule: Full day
ST Engineering

Job Summary

The Tier 3 MSSP SOC Analyst provides leadership for SOC operations. The role includes advanced threat hunting, incident analysis, process optimization, and team mentorship, ensuring the highest level of security operations for MSSP clients.

Responsibilities

Leadership and Oversight

  • Lead Tier 1 and Tier 2 analysts by example and provide technical guidance.

  • Conduct training sessions, provide coaching, and ensure continuous skill development for the team.

  • Plan relevant certifications for Tier 1 and Tier 2 analysts, ensuring proper progression with certifications arranged yearly.

Threat Hunting and Incident Analysis

  • Actively hunt for threats, identify unknown vulnerabilities, and close security gaps within networks.

  • Identify all security attack vectors, classify incidents, and assess their impact.

  • Review all escalations from Tier 1 and Tier 2 analysts, ensuring comprehensive analysis and daily updates to the SOC Manager and Head of SOC.

  • Proactively update documentation, processes, workflows, and other operational aspects for continuous improvement.

SIEM/SOAR/Ticketing and Incident Response

  • Oversee and optimize SIEM operations, ensuring effective log correlation and alert management.

  • Manage SOAR platform implementations to automate incident response workflows and reduce manual intervention.

  • Supervise ticketing systems to ensure proper incident tracking, escalation, and resolution documentation.

  • Lead complex incident response activities, coordinating with internal teams and external stakeholders.

False Positive Management

  • Work closely with Tier 2 analysts to gather feedback and evidence on false positives.

  • Collaborate with the Threat Detection Team to reduce false positives across all customers.

  • Ensure consistent application of false positive reduction measures for all MSSP clients.

Threat Intelligence

  • Disseminate threat intelligence news and updates to all security analysts, ensuring the team remains informed about emerging threats and attack techniques.

Operational Excellence

  • Maintain oversight of SOC processes to ensure compliance and operational effectiveness.

  • Plan and implement improvements to SOC operations, focusing on proactive threat detection and response.

  • Monitor and "police" SOC workflows, providing tracking and daily updates to SOC leadership.

Requirements

Essential Experience and Skills

  • Extensive experience in SOC operations, including threat hunting and advanced incident analysis.

  • Strong understanding of SIEMs, threat intelligence platforms, and security tools.

  • Hands-on experience with SIEM/SOAR platforms and ticketing systems for incident response management.

  • Leadership experience with a track record of mentoring and developing security teams.

  • Excellent communication, documentation, and organizational skills.

  • Ability to handle high-pressure situations and critical security incidents effectively.

  • A collaborative mindset to work effectively with other SOC tiers and managers.

  • Strong analytical and problem-solving skills to address complex security challenges.

Preferred Technology Experience

  • GoogleSecOps (Google Security Operations) platform experience highly preferred.

  • Fortinet security solutions experience preferred.

  • Cloudflare security services experience preferred.

Professional Development and Certifications

  • Minimum certification requirement: ECIH (EC-Council Certified Incident Handler) or GCIH (GIAC Certified Incident Handler) or equivalent incident handling certification.

  • Additional preferred certifications: CISSP, CISM, GIAC, OSCP, GCFA.

  • Commitment to continuous learning to stay updated with the latest security trends and technologies.

  • Adherence to SOC playbooks, standard operating procedures, and compliance requirements.

Work Environment and Schedule

  • Primary schedule: Office hours (standard business hours).

  • Must be willing to support shift operations during High Severity Incidents, which may include:

    • Being activated to work on-shift during critical incidents, or

    • Remaining on standby to provide operational support as needed.

  • Willingness to support outside of regular hours during operational exigencies.

Work Location: Ang Mo Kio

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Procurement Officer (International Sourcing) DP52

Trust Recruit, Ang Mo Kio
$3,000 - $4,000 / month
1 day ago
Responsibilities Actively source, assess and research potential suppliers for machine components, materials and procurement products from both local and overseas. Make on-going efforts to identify new suppliers and review current suppliers to maintain a pool of qualified suppliers. Communicate with...
Trust Recruit

Quantity Surveyor

Jupiter Builder Pte Ltd, Ang Mo Kio
$3,600 - $4,500 / month
1 day ago
Job Details:   5.5 day work week  Working Hours: Monday to Friday 8.30am to 5.30pm Saturday 8.30am to 12.30pm   Fresh Graduates are Welcomed Infrastructure and Civil Engineering construction company requires:   QS that is familiar with Quantity Surveying, Tender Taking Off, Prepare...
Jupiter Builder Pte Ltd

System Engineer (Linux) - Singaporeans Only

APBA TG Human Resource Pte Ltd, Ang Mo Kio
$5,000 - $7,000 / month
1 week ago
Job Description Manage and monitor all installed systems and infrastructure Install, configure, test and maintain operating systems, application software and system management tools Proactively ensure the highest levels of systems and infrastructure availability Monitor and test application performance for potential...
APBA TG Human Resource Pte Ltd