Lead Security Analyst

Global Search Partners

The Role

Overview

Lead SOC analyst overseeing threat monitoring, incident response, and team mentorship.

Key Responsibilities

  • incident response
  • security monitoring
  • network operations
  • vulnerability research
  • technical lead
  • change management

Tasks

A lead technical role in the Security Operations Center (SOC) responsible for providing operational support for monitoring the MSS platform and for incident response. The primary responsibility is to follow procedures to triage and investigate security alerts, monitor and respond to security threats, investigate cases, and take immediate action or recommend a course of action to mitigate the threat. Facilitates the ingress, implementation and egress of complex client trouble / change requests for managed premise, cloud, NextGen UTM firewall, MDDoS, Threat Intelligence and Secure Log Management products. Provides mentoring, training and escalation support to Security Analysts and is involved in maturing incident response procedures and evaluating new security technologies. Represents security operations as technical lead and point of escalation with clients, vendors and internal corporate organizations. Takes ownership of and leads projects.

  • Provide technical lead support to clients, vendors and coworkers as required
  • Identify and resolve complex issues in customer environments; develop resolution and implementation plans
  • Coordinate repair and maintenance of security systems with security integrators; liaise directly with third-party vendors / suppliers
  • Perform tasks associated with the installation, turn-up and maintenance of security infrastructure, and escalate as needed
  • Work in collaboration with other security and company departments (operations, legal, sales) to help identify / resolve chronic issues and assist with the creation and implementation of corrective / preventative action plans
  • Responsible for operation, maintenance and monitoring of network hardware and related control software providing a variety of customer services
  • Observe and control the status and performance of all security components of company products and services
  • Proactively identify indicators of compromise, and generate and execute the Incident Response Plan upon detection
  • Research and implement customer-generated change requests for MSS products
  • Provide incident remediation and prevention documentation
  • Handle User and Entity Behavior Analytics (UEBA) use cases for potential security incidents and security events in accordance with SOC processes and procedures
  • Initiate escalation procedures to counteract potential threats / vulnerabilities
  • Conduct security training, new hire training and network impact reviews
  • Research, analyze and identify potential vulnerabilities and security deficiencies
  • Responsible for development and execution of incident response plans for escalated response processes
  • Participate in company-sponsored, job-related activities and training to further develop your management and technical skills
  • Serve as Team Lead / Tier 3 for complex technical and procedural escalations

Requirements

  • cissp
  • splunk
  • elastic stack
  • python
  • soc experience
  • incident response

What You Bring

(EA Licence No. 14C7000)

  • Experience using commercial and open source software and malware reverse engineering tools
  • Knowledge / experience with operating systems (e.g. Windows Server, CentOS Linux)
  • Security technology certifications are a plus (e.g. CISSP, SANS (GCIA, GCIH, GSEC))
  • Strong leader and delegator
  • Exceptional customer service skills
  • 5 - 10 years of professional work experience in Information Security, with at least a couple of years of SOC-based experience
  • Programming and scripting skills are good to have (e.g. C++, Bash, Python, Perl, PowerShell)
  • Experience working in a SOC and doing incident response is preferred
  • Demonstrated proficiency applying a detailed depth and breadth of technical subject knowledge to SME level
  • Detail-oriented individual who works well in a team environment and has a hunger to learn
  • Knowledge of threat monitoring procedures
  • Knowledge / experience of networking and firewalls (e.g. Cisco ASA, Palo Alto, Checkpoint, Juniper, Fortinet, Arbor, Radware)
  • Foundational knowledge of enterprise anti-virus, IDS, full packet capture and host / network threat analysis
  • Strong verbal / written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers, managers and vendors
  • BS/BA degree in Computer Science, Information Technology or a related discipline, or equivalent experience
  • Working knowledge of Elastic Stack (Elasticsearch, Kibana) and Log Management / SIEM (e.g. Splunk, QRadar, ArcSight)
  • Experience identifying vulnerabilities and modifications to hardware
  • Strong analytical skills to define risk, identify potential threats, and document and develop action / mitigation plans
  • Experience securing various environments preferred

The Company

About Global Search Partners

  • Delivers global placements through a tightly integrated and discreet search methodology.
  • Places senior candidates in Real Estate & Infrastructure, Industrial and Engineering, IT, Aviation and Luxury Retail.
  • Maintains specialist teams for functional roles in IT, Sales, Engineering and HR, offering cross-industry reach.
  • Each search is personally managed by senior consultants, ensuring consistency from brief to placement.
  • Built deep regional networks, with teams across Singapore, Hong Kong and offices spanning four continents.
  • Exposes clients' blind spots and turns limitations into strategic strengths through focused relationships.

Sector Specialisms

Real Estate

Infrastructure

Industrial and Engineering

Information Technology

Luxury Retail

Aviation