SOC Analyst monitoring security events and responding to incidents at Junglee Games. Collaborating on security protocols to ensure protection of digital assets.
Responsibilities
Monitor security consoles and SIEM dashboards 24/7 on a shift roster to identify, categorise, and prioritise security alerts.
Perform initial triage and deep-dive analysis of security events to determine if they are false positives or legitimate threats.
Conduct log analysis across various sources, including firewalls, web proxies, EDR tools, and email gateways, to reconstruct attack timelines.
Respond to and contain security incidents such as malware infections, phishing attempts, and unauthorised access attempts.
Assist in the containment of compromised hosts and accounts by disabling credentials or isolating endpoints from the network.
Document all investigative steps, findings, and remediation actions clearly within the ticketing system for audit and compliance purposes.
Analyze suspicious emails and URLs reported by users to identify phishing campaigns and credential harvesting attempts.
Research emerging threats, vulnerabilities, and zero-day exploits to understand how they might impact the organisation's environment.
Support the maintenance and health monitoring of security tools to ensure consistent visibility across the network.
Participate in regular training and tabletop exercises to improve response times and technical proficiency.
Contribute to the creation and refinement of standard operating procedures (SOPs) and response playbooks.
Requirements
3+ years of experience working in a 24/7 SOC (Shift Work) environment
Proficiency with SIEM platforms to monitor dashboards, run search queries, and filter through high volumes of log data.
Solid understanding of Network Protocols (TCP/IP, DNS, HTTP/S, SMTP) and the ability to interpret traffic patterns and packet captures (PCAP) to identify anomalies.
Hands-on experience with EDR and Antivirus tools (e.g., CrowdStrike, SentinelOne, or Microsoft Defender) for endpoint investigation and threat containment.
Knowledge of Common Attack Vectors and the ability to map suspicious activity to stages of the Cyber Kill Chain or the MITRE ATT&CK framework.
Experience with Email Security Gateways and manual analysis of email headers, attachments, and URLs to identify phishing and business email compromise (BEC) attempts.
Familiarity with Operating System Internals (Windows, Linux, and macOS), specifically regarding common persistence mechanisms, registry changes, and process execution.
Ability to perform basic Log Analysis across diverse sources, including firewalls, VPNs, web proxies, and cloud audit logs (AWS CloudTrail, Azure Activity Logs).
Strong documentation habits, with the ability to write clear, concise technical summaries of investigations within a ticketing system like Jira.
Basic Scripting skills (Python, PowerShell, or Bash) are highly preferred to assist with data parsing or minor task automation.
Adaptability for Shift Work, including the ability to work nights, weekends, and holidays as part of a rotating 24/7 coverage schedule.
Critical thinking and problem-solving skills, with the discipline to follow Standard Operating Procedures (SOPs) while identifying when an incident requires immediate escalation.
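The manual email triage described above (Authentication-Results, sender and Reply-To mismatches, embedded URLs) is the kind of task the scripting requirement is meant to support. The block below is an added example written for this page, not Junglee Games' tooling or any vendor's gateway logic; the raw message it parses is a constructed sample with a made-up lookalike domain, and the finding strings and function names are the example's own choices.

```python
"""Phishing header triage on a constructed sample message (added example, not the
page's or the employer's code). Uses only the Python standard library."""
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample for illustration; not a real captured email. The sender
# domain "jung1ee-games.com" is a hypothetical lookalike of "junglee.com".
SAMPLE_EMAIL = """\
Return-Path: <billing@jung1ee-games.com>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=jung1ee-games.com; dkim=none; dmarc=fail header.from=junglee.com
From: "Junglee Finance" <finance@junglee.com>
Reply-To: billing@jung1ee-games.com
To: analyst@junglee.com
Subject: Urgent: invoice approval required
Content-Type: text/plain; charset="utf-8"

Please review the attached invoice at http://jung1ee-games.com/login?acct=4471
and confirm your credentials within 24 hours.
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def parse_auth_results(value):
    """Pull spf/dkim/dmarc verdicts out of an Authentication-Results header.
    A mechanism the gateway did not evaluate is reported as "missing"."""
    results = {}
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", value or "")
        results[mech] = m.group(1).lower() if m else "missing"
    return results


def domain_of(addr):
    """Lower-cased domain part of an address header, or '' if there is none."""
    _, a = parseaddr(str(addr or ""))
    return a.rsplit("@", 1)[-1].lower() if "@" in a else ""


def triage_email(raw):
    """Return authentication verdicts, extracted URLs and a list of findings
    an analyst would record in the ticket for this message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    # 1. Gateway authentication results: anything other than "pass" is notable.
    auth = parse_auth_results(str(msg.get("Authentication-Results", "")))
    for mech, verdict in auth.items():
        if verdict != "pass":
            findings.append(f"{mech}={verdict}")

    # 2. Envelope sender and Reply-To that disagree with the visible From domain
    #    are classic BEC / credential-harvesting tells.
    from_dom = domain_of(msg.get("From", ""))
    rp_dom = domain_of(msg.get("Return-Path", ""))
    reply_dom = domain_of(msg.get("Reply-To", ""))
    if rp_dom and rp_dom != from_dom:
        findings.append(f"return-path domain {rp_dom} != from domain {from_dom}")
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} != from domain {from_dom}")

    # 3. URLs in the body whose host is outside the sender's domain.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    urls = URL_RE.findall(text)
    for u in urls:
        host = re.sub(r"^https?://", "", u).split("/")[0].lower()
        if host != from_dom and not host.endswith("." + from_dom):
            findings.append(f"url host {host} outside sender domain {from_dom}")

    return {"from_domain": from_dom, "auth": auth, "urls": urls, "findings": findings}


if __name__ == "__main__":
    for line in triage_email(SAMPLE_EMAIL)["findings"]:
        print("FINDING:", line)
```

The checks are deliberately conservative: a failed SPF alone is common for forwarded mail, so the script reports verdicts rather than deciding, and the analyst still follows the SOP before escalating. Real gateway headers are often folded across lines and may carry several Authentication-Results headers from different hops; only the first is read here.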