Senior Security Analyst

A leading organization is seeking an experienced Senior Security Analyst to join its Security Operations Centre (SOC) team in the Philippines. This role combines hands-on cybersecurity operations with shift leadership responsibilities, ensuring effective monitoring, triage, and response to security events in a 24/7 environment.

The successful candidate will act as a shift lead, overseeing daily SOC activities, supporting junior analysts, and ensuring timely escalation and resolution of security incidents.

• Monitor and investigate security alerts using a range of tools (e.g., SIEM, email security platforms, endpoint detection and response, and cloud security solutions)
• Perform initial triage and analysis of security events using logs and alerts from multiple sources
• Escalate complex or high-risk incidents to higher-tier analysts or incident response teams
• Provide initial findings and recommendations to support deeper investigation and remediation
• Identify and help suppress false positives while highlighting genuine threats

• Act as the designated shift lead for SOC operations
• Coordinate and oversee the activities of analysts during assigned shifts
• Provide guidance, direction, and support to ensure adherence to processes and procedures
• Facilitate effective communication within the team to maintain operational efficiency
• Ensure proper incident handling, documentation, and escalation during the shift

• Support basic threat intelligence activities, including research and analysis of emerging threats
• Gather and analyze data from multiple sources to identify risks and vulnerabilities
• Prepare reports summarizing findings, trends, and recommendations
• Contribute insights on the effectiveness of security tools, processes, and incident response practices

• Participate in ongoing security initiatives, projects, and process improvements
• Perform ad-hoc tasks aligned with team objectives and organizational priorities

• Degree in Cybersecurity, Information Technology, or a related field, or equivalent practical experience

• At least 3 years of experience in a Security Operations Centre (SOC) or similar environment
• Proven hands-on experience with:
• Security monitoring tools (e.g., SIEM, EDR, email security, cloud security tools)
• Incident detection, triage, and response processes
• Threat analysis and investigation
• Experience in leading or managing a team, preferably within a SOC or cybersecurity function
• Demonstrated ability to coordinate team activities and support shift-based operations

• Industry certifications such as CISSP, CISM, or CEH are advantageous

• Understanding of attacker techniques, tactics, and procedures (TTPs)
• Familiarity with threat intelligence practices and tools
• Knowledge of security frameworks, standards, and regulatory considerations
• Experience working with SIEM platforms and log analysis

• Strong leadership and team coordination skills
• Ability to make sound decisions in high-pressure situations
• Solid analytical and problem-solving capabilities
• Effective communication and collaboration skills
• Proficiency in security tools and incident response workflows
• Ability to manage shift-based responsibilities in a 24/7 environment

• Operates within a 24/7 Security Operations Centre setup
• Requires participation in shift rotations, including leadership responsibilities during assigned shifts

• Hands-on experience using multiple security tools (e.g., SIEM, email triage, cloud security, EDR) to investigate suspicious activities
• Minimum of 3 years of SOC or equivalent experience
• Strong background in security monitoring, incident response, and threat analysis
• Prior experience in leading or managing a team within a SOC or cybersecurity environment