Security Operations Center Analyst

About the role

We are looking for an Incident Response Analyst to join our global Information Security team. You will detect, analyze, contain and respond to security incidents across the enterprise, working in shift‑based hours to support worldwide operations.

Key responsibilities

• Provide Tier 2 incident response support for global security operations.
• Investigate and resolve security incidents within defined SLAs.
• Analyze alerts, logs, endpoint telemetry and network activity to determine scope and impact.
• Support the full incident response lifecycle: preparation, identification, containment, eradication, remediation, recovery and lessons learned.
• Create and improve detection rules for suspicious or malicious behavior.
• Utilise SIEM, IDS/IPS, EDR/XDR, packet‑capture and log‑management platforms.
• Conduct static and dynamic malware analysis and assist with forensic examinations.
• Support vulnerability‑management initiatives using tools such as Qualys or Nessus.
• Perform threat‑hunting activities using threat intelligence and attacker TTPs.
• Contribute to security procedures, documentation, training materials and reporting.

Required profile

• 4–5 years of relevant cybersecurity or incident‑response experience.
• Hands‑on experience providing L2/L3 incident‑response support across the full lifecycle.
• Strong understanding of TCP/IP, DNS and other network protocols.
• Experience investigating compromised hosts or malware‑related incidents.
• Familiarity with vulnerability‑management tools such as Qualys or Nessus.
• Excellent written and verbal English communication skills.
• Willingness to work in a shift‑based global support environment.
• Good‑to‑have: experience with digital‑forensics tools (EnCase, FTK, Sleuth Kit, X‑Ways), reverse‑engineering malware, and security certifications (GSEC, GCIH, GCFE, GRE, MCISSP, SSCP).

Required skills

• L2/L3 incident response
• SIEM platforms
• IDS/IPS
• EDR/XDR technologies
• Packet‑capture tools
• Log‑management tools
• Static and dynamic malware analysis
• Threat hunting
• Vulnerability management (Qualys, Nessus)
• Digital forensics (EnCase, FTK, Sleuth Kit, X‑Ways)
• Reverse engineering
• TCP/IP, DNS, network protocols
• Security certifications (GSEC, GCIH, GCFE, GRE, MCISSP, SSCP)