Tier 3 Mssp SOC Analyst

Job ID: 19170 - Location: ST Engineering Jurong East Bui, SG - Description: - **Job Summary** The Tier 3 MSSP SOC Analyst is a senior-level role that provides leadership for SOC operations. The role includes advanced threat hunting, incident analysis, process optimization, and team mentorship, ensuring the highest level of security operations for MSSP clients. **Responsibilities** Leadership and Oversight - Lead Tier 1 and Tier 2 analysts by example and provide technical guidance. - Conduct training sessions, provide coaching, and ensure continuous skill development for the team. - Plan relevant certifications for Tier 1 and Tier 2 analysts, ensuring proper progression with certifications arranged yearly. Threat Hunting and Incident Analysis - Actively hunt for threats, identify unknown vulnerabilities, and close security gaps within networks. - Identify all security attack vectors, classify incidents, and assess their impact. - Review all escalations from Tier 1 and Tier 2 analysts, ensuring comprehensive analysis and daily updates to the SOC Manager and Head of SOC. - Proactively update documentation, processes, workflows, and other operational aspects for continuous improvement. SIEM/SOAR/Ticketing and Incident Response - Oversee and optimize SIEM operations, ensuring effective log correlation and alert management. - Manage SOAR platform implementations to automate incident response workflows and reduce manual intervention. - Supervise ticketing systems to ensure proper incident tracking, escalation, and resolution documentation. - Lead complex incident response activities, coordinating with internal teams and external stakeholders. False Positive Management - Work closely with Tier 2 analysts to gather feedback and evidence on false positives. - Collaborate with the Threat Detection Team to reduce false positives across all customers. Threat Intelligence - Disseminate threat intelligence news and updates to all security analysts, ensuring the team remains informed about emerging threats and attack techniques. Operational Excellence - Maintain oversight of SOC processes to ensure compliance and operational effectiveness. - Plan and implement improvements to SOC operations, focusing on proactive threat detection and response. - Monitor and "police" SOC workflows, providing tracking and daily updates to SOC leadership. **Requirements**: Essential Experience and Skills - Extensive experience in SOC operations, including threat hunting and advanced incident analysis. - Strong understanding of SIEMs, threat intelligence platforms, and security tools. - Hands-on experience with SIEM/SOAR platforms and ticketing systems for incident response management. - Leadership experience with a track record of mentoring and developing security teams. - Excellent communication, documentation, and organizational skills. - Ability to handle high-pressure situations and critical security incidents effectively. - A collaborative mindset to work effectively with other SOC tiers and managers. - Strong analytical and problem-solving skills to address complex security challenges. Preferred Technology Experience - GoogleSecOps (Google Security Operations) platform experience highly preferred. - Fortinet security solutions experience preferred. - Cloudflare security services experience preferred. Professional Development and Certifications - Minimum certification requirement: ECIH (EC-Council Certified Incident Handler) or GCIH (GIAC Certified Incident Handler) or equivalent incident handling certification. - Additional preferred certifications: CISSP, CISM, GIAC, OSCP, GCFA. - Commitment to continuous learning to stay updated with the latest security trends and technologies. - Adherence to SOC playbooks, standard operating procedures, and compliance requirements. Work Environment and Schedule - Primary schedule: Office hours (standard business hours). - Must be willing to support shift operations during High Severity Incidents, which may include: - Being activated to work on-shift during critical incidents, or - Remaining on standby to provide operational support as needed. - Willingness to support outside of regular hours during operational exigencies. Work Location: Ang Mo Kio.