Security Operations Analyst responsible for monitoring and responding to cybersecurity threats. Ensuring the confidentiality, integrity, and availability of data per compliance standards.
About the role
- SOC Engineer at Phoenix, leading onboarding activities and optimizing security technologies and processes. Collaborating with teams to ensure effective detection and response in managed services.
Responsibilities
- Lead customer onboarding activities, integrating new environments and configuring detection baselines, automation, and playbooks.
- Deploy, tune, and optimise detection rules and correlation logic to reduce false positives and improve alert fidelity.
- Configure and enhance log ingestion pipelines, enrichment workflows, dashboards, and reporting to support SOC operations and customer visibility.
- Develop, maintain, and improve customer SOPs, runbooks, and playbooks to ensure consistent and effective response processes.
- Work closely with Detection Engineering teams to contribute new detections, refine existing analytics, and validate detection logic.
- Support CI/CD processes for detection content, ensuring safe, controlled deployment of rules, scripts, and automation updates.
- Assist in developing and improving SOAR playbooks, validating automated actions, and ensuring operational reliability.
- Maintain structured repositories of detection queries, SOPs, and operational documentation to keep SOC content accurate and up to date.
- Troubleshoot detection and workflow issues, collaborating with internal teams and customers to resolve technical challenges.
- Partner with architects, analysts, and service managers to improve SOC onboarding processes, tooling, and detection standards.
Requirements
- Good blend of both technical ability and customer facing skills
- Significant experience working in a fast-paced MSSP environment
- Strong skills in designing, tuning, and validating detection logic (MITRE ATT&CK aligned)
- Hands-on experience with SIEM, XDR, SOAR, and log ingestion/detection configuration
- Background in SOC operations such as analysis, detection engineering, IR, or threat hunting
- Ability to design and validate automated workflows and SOAR playbooks
- Experience using CI/CD pipelines and version control (Azure DevOps, GitHub, GitLab)
- Skilled in producing clear SOPs, runbooks, playbooks, and operational documentation
- Experience supporting customer onboarding and tailoring detections to specific environments
- Strong communication and collaboration skills across technical and non‑technical teams
- Proactive, accountable, and able to deliver reliable, high‑quality outcomes
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
SOC Analyst responsible for cybersecurity incident management at Algosystems in Greece. Monitoring security threats, conducting investigations, and improving SOC services.
Cyber Operations Lead ensuring coordination of cyber operations between the Security Operations Center and internal business units. Enhancing security through effective incident response and threat management initiatives.
Solution Sales Manager enhancing revenue in financial services, focusing on ServiceNow IRM and Tanium solutions. Collaborating with teams and engaging C - level executives in Austria and Switzerland.
Senior Internal SOC Analyst leading security triage and investigations for Darktrace, utilizing AI - driven cybersecurity technology. Collaborating on incident response and mentorship within a hybrid work environment.
Security Operations Intern responsible for security monitoring at Paddy Power Betfair. Involves data loss prevention investigations and content filtering analysis with a commitment to improving security posture.
SOC Analyst L2 responsible for managing and analyzing security incidents in digital transformation. Contributing directly to the protection of companies and infrastructures.
SOC Analyst L3 managing and analyzing security events and incidents for Var Group. Responsible for incident management and proactive threat analysis.
Senior Manager leading global IT security operations to protect company data and assets at Keenova. Overseeing incident response, monitoring, and cybersecurity capabilities with strategic oversight.
Security Operations Center leader at Woven by Toyota, managing triage and response to security alerts in Japan. Collaborating with global SOCs to ensure 24/7 operations.