Senior Security Analyst (SOC – Shift Lead)

About the job

A leading organization is seeking an experienced Senior Security Analyst to join its Security Operations Centre (SOC) team in the Philippines. This role combines hands-on cybersecurity operations with shift leadership responsibilities, ensuring effective monitoring, triage, and response to security events in a 24/7 environment.

The successful candidate will act as a shift lead, overseeing daily SOC activities, supporting junior analysts, and ensuring timely escalation and resolution of security incidents.

Key Responsibilities
SOC Operations & Incident Handling

  • Monitor and investigate security alerts using a range of tools (e.g., SIEM, email security platforms, endpoint detection and response, and cloud security solutions)
  • Perform initial triage and analysis of security events using logs and alerts from multiple sources
  • Escalate complex or high-risk incidents to higher-tier analysts or incident response teams
  • Provide initial findings and recommendations to support deeper investigation and remediation
  • Identify and help suppress false positives while highlighting genuine threats


Shift Leadership

  • Act as the designated shift lead for SOC operations
  • Coordinate and oversee the activities of analysts during assigned shifts
  • Provide guidance, direction, and support to ensure adherence to processes and procedures
  • Facilitate effective communication within the team to maintain operational efficiency
  • Ensure proper incident handling, documentation, and escalation during the shift


Threat Intelligence & Reporting

  • Support basic threat intelligence activities, including research and analysis of emerging threats
  • Gather and analyze data from multiple sources to identify risks and vulnerabilities
  • Prepare reports summarizing findings, trends, and recommendations
  • Contribute insights on the effectiveness of security tools, processes, and incident response practices


Additional Responsibilities

  • Participate in ongoing security initiatives, projects, and process improvements
  • Perform ad-hoc tasks aligned with team objectives and organizational priorities


Required Qualifications
Education

  • Degree in Cybersecurity, Information Technology, or a related field, or equivalent practical experience


Experience

  • At least 3 years of experience in a Security Operations Centre (SOC) or similar environment
  • Proven hands-on experience with:
      ◦ Security monitoring tools (e.g., SIEM, EDR, email security, cloud security tools)
      ◦ Incident detection, triage, and response processes
      ◦ Threat analysis and investigation
  • Experience in leading or managing a team, preferably within a SOC or cybersecurity function
  • Demonstrated ability to coordinate team activities and support shift-based operations


Preferred Qualifications

  • Industry certifications such as CISSP, CISM, or CEH are advantageous


Technical Knowledge

  • Understanding of attacker techniques, tactics, and procedures (TTPs)
  • Familiarity with threat intelligence practices and tools
  • Knowledge of security frameworks, standards, and regulatory considerations
  • Experience working with SIEM platforms and log analysis


Skills & Competencies

  • Strong leadership and team coordination skills
  • Ability to make sound decisions in high-pressure situations
  • Solid analytical and problem-solving capabilities
  • Effective communication and collaboration skills
  • Proficiency in security tools and incident response workflows
  • Ability to manage shift-based responsibilities in a 24/7 environment


Work Environment

  • Operates within a 24/7 Security Operations Centre setup
  • Requires participation in shift rotations, including leadership responsibilities during assigned shifts


Mandatory Requirements (Non-Negotiable)

  • Hands-on experience using multiple security tools (e.g., SIEM, email triage, cloud security, EDR) to investigate suspicious activities
  • Minimum of 3 years of SOC or equivalent experience
  • Strong background in security monitoring, incident response, and threat analysis
  • Prior experience in leading or managing a team within a SOC or cybersecurity environment