Technical Support Data Analyst SOC Analysis SOC Security
The Tier 2 MSSP SOC Analyst is responsible for advanced investigation, analysis, and resolution of security incidents. Acting as the shift lead, the Tier 2 Analyst ensures effective incident management and communication with customers while collaborating with Tier 1, Tier 3, and SOC Managers to continuously improve SOC operations.

Responsibilities:

• Shift Leadership:
  o Serve as the Team In-Charge (IC) for the assigned shift, providing guidance and leadership to Tier 1 analysts.
  o Oversee shift operations and ensure incident tickets are managed effectively.
• Advanced Incident Management:
  o Receive escalated incidents from Tier 1 and perform in-depth investigations and analysis.
  o Correlate threat intelligence to identify threat actors, the nature of attacks, and affected systems or data.
  o Define and execute containment, remediation, and recovery strategies for internal SOC operation system alerts.
  o Perform pre- and post-incident analysis to improve processes and reduce future risks.
• Customer and Stakeholder Engagement:
  o Act as the primary point of contact for customer communications and handle customer requests and requirements.
  o Maintain proactive communication with customers, Customer Success Managers (CSMs), Tier 3 (SOC Leads), and SOC Managers to drive improvements.
• False Positive Management:
  o Identify and assess false positives, providing evidence-based assessments and recommendations.
  o Escalate findings to Tier 3 (SOC Leads) and SOC Managers for discussion and resolution.
  o Communicate resolved findings to the CSM for final action.
• Tool and Process Optimization:
  o Recommend and assist in configuring updates for SOC tools and SIEM rules.
  o Participate in retrospective analysis sessions or post-incident reviews to ensure learnings are captured and implemented.
• Escalation Documentation:
  o Use standardized templates as a base, but proactively amend escalation emails based on the current investigation and analysis rather than reusing past emails.
• Proven experience (3+ years) in handling escalated incidents and performing detailed analysis in a SOC environment.
• Strong understanding of SIEM tools, threat intelligence, and network/system security.
• Familiarity with tools and technologies such as IDS/IPS, SIEMs, firewalls, and malware detection systems.
• Excellent communication and leadership skills to manage shifts and collaborate with stakeholders.
• Ability to manage stress and handle critical incidents with professionalism.
• A collaborative mindset to work effectively with other SOC tiers and managers.
• Strong analytical and problem-solving skills to address complex security challenges.
• Commitment to continuous learning to stay updated with the latest security trends and technologies.
• Adherence to SOC playbooks, standard operating procedures, and compliance requirements.
• Willingness to work in a dynamic 24/7 SOC environment.
• Willingness to work on a 24/7 rotating shift schedule.
• Willingness to work 12-hour shifts.
ST Engineering is one of Asia's largest defense and engineering groups. It has diversified over the years and now supplies both military and commercial customers in over 100 countries across its four core businesses: aerospace, land systems, electronics and marine.

- Meal allowance and transportation allowance
- Private insurance for employees from probation
- Laptop
- 100% salary from probation
- Training from probation
- Free access to all courses on LinkedIn e-learning
- SHUI paid on total gross base salary
- Annual performance review
- Annual salary review
- Lots of periodic company gatherings and events
• Relevant certifications (e.g., CISSP, CISM, CEH) are preferred.
SOC Manager
Online interview (in English), additional interviews if needed