• Competitive
  • Singapore
  • Permanent, Full time
  • Citibank NA
  • 2019-01-17

Security Operations Center SOC Threat Analyst Level 1

  • Primary Location: Singapore, Singapore, Singapore
  • Education: Bachelor's Degree
  • Job Function: Technology
  • Schedule: Full-time
  • Shift: Day Job
  • Employee Status: Regular
  • Travel Time: No
  • Job ID: 18060724


  • The Security Operations Center Threat Analyst will be part of the SOC Team. The team monitors, analyzes and responds to cyber threats and vulnerabilities on a 24x7 basis.
Principal Responsibilities:
  • The analyst performs monitoring, research, assessment and analysis on intrusion detection and prevention tools, as well as anomaly detection systems, firewalls, antivirus systems, and proxy devices (ArcSight, Arbor PeakFlow, Palo Alto Networks, etc.), which requires demonstrable security incident response experience
  • Follow pre-defined actions to handle BAU and High severity issues including escalating to other support groups
  • Execute daily ad hoc tasks or lead small projects as needed
  • Create and maintain operational reports for Key Performance Indicators and weekly and monthly metrics
  • Perform assessment as well as troubleshooting to help isolate issues with IDS/IPS sensors, antivirus servers, and vulnerability scanners
  • Participate in daily and ad hoc conference calls and quality assurance and documentation related tasks
  • Identify areas for tuning use cases or signatures to enhance monitoring value


Job Skills/Qualifications:
  • 4+ years working in the security & operations fields
  • Bachelor's Degree or higher preferred
  • Ability to communicate professionally and effectively, both orally and in writing
  • Excellent knowledge of Intrusion Detection analysis (deep TCP/IP knowledge, and cyber security), various operating systems (Windows/UNIX), and web technologies (focusing on Internet security)
  • Ability to read and understand packet level data, Network Security Products (IDS/IPS, firewalls, etc) and Host Security Products (HIPS, AV, VA scanners, etc)
  • Knowledge of cutting-edge threats, vulnerabilities, and recent cyber attacks
  • Experience with vulnerability assessment as well as penetration testing or forensic analysis fields is a plus
  • Familiarity with cloud security techniques and technologies is preferred
  • Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, C|EH, GCIA, CCNA]