SOC Cyber Threat Senior Analyst Job at Citi (Singapore)

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...

Location

Ireland , Galway

Salary:

Not provided

Hewlett Packard Enterprise

Expiration Date

Until further notice

Requirements

Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
typically 4+ years of relevant experience
SOC team/Incident response analyst experience is required
proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
advanced understanding of adversary tactics, techniques, and procedures (TTPs)
advanced Cyber and IT security knowledge
advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
advanced understanding of SQL and relevant scripting languages
advanced data security system analysis skills
advanced risk assessment and management skills

Job Responsibility

Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
analyze associated logs and respond to high severity incidents
suggest automation opportunities to enhance IR
mentor and provide technical guidance to less experienced cybersecurity professionals
stay at the forefront of cybersecurity trends, threats, and technologies
foster a culture of continuous improvement and innovation
encourage the adoption of new technologies and methodologies
provide insight and guidance through after action reviews working with stakeholders.

What we offer

Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
programs for professional and personal career development
unconditional inclusion and flexibility to manage work and personal needs.

Fulltime

Threat Intelligence Analyst

Threat Intelligence Analyst - initial 3-6 month contract. We're seeking a highly...

Location

United Kingdom , Portsmouth or London

Salary:

Not provided

TRIA

Expiration Date

Until further notice

Requirements

5+ years' experience in Threat Intelligence, SOC or Incident Response
Strong working knowledge of MITRE ATT&CK and threat actor lifecycle analysis
Hands-on experience with threat intelligence platforms such as MISP, Recorded Future, Anomali or similar
Strong experience with Microsoft security tooling, ideally Sentinel and Defender
Proficiency in KQL and working knowledge of Python for automation and enrichment
Experience integrating intelligence into SIEM, EDR/XDR, and cloud security platforms (Microsoft, AWS, CrowdStrike, etc.)
Deep understanding of the UK cyber threat landscape, particularly critical national infrastructure and public sector threats
Comfortable operating as a sole senior threat intelligence specialist while collaborating across SOC and InfoSec teams

Job Responsibility

Lead threat actor tracking and attribution, focusing on APTs, ransomware, supply chain attacks and UK-relevant campaigns
Maintain adversary profiles using MITRE ATT&CK, Diamond Model and sector-specific threat frameworks
Correlate internal security telemetry with external intelligence feeds (e.g. MISP, Recorded Future, ISACs, Microsoft TI)
Operationalise STIX/TAXII feeds and enrich IOC/IOA pipelines for SOC and Incident Response teams
Translate threat intelligence into actionable detections, working with engineers on KQL/SPL queries and proactive threat hunts
Produce regular threat reports and briefings for SOC leadership, CISO and senior stakeholders, including board-level risk narratives
Manage and oversee a third-party cyber threat intelligence provider, ensuring quality, relevance and value
Engage with UK threat-sharing communities and maintain internal threat intelligence documentation and playbooks

Fulltime

New

Security Operations Center (SOC) Cyber Threat Senior Analyst

The Security Operations Center (SOC) Cyber Threat Analyst will be part of the Gl...

Location

Singapore , Singapore

Salary:

Not provided

Citi

Expiration Date

Until further notice

Requirements

4-8 years of relevant experience in Cyber
Proven influencing and relationship management skills
Understand the life cycle of network threats, web attacks, attack vectors, and methods of exploitation
Ability to conduct analysis utilizing network traffic (packet capture), web logs, endpoint logs and others to identify unusual behavior that may indicate malicious activity
Proven and strong analytical skills
Attentive to detail and possess a strong investigative mindset
A good team player, self-driven and able to act as individual contributor
Consistently demonstrates clear and concise written and verbal communication
Relevant cyber security certification is a bonus
Regular weekly work shift will include one of the weekends (e,g, Saturday, Sunday)

Job Responsibility

Analyze security events to identify potential threats and intrusions. Events include but not limited to Intrusion Detection/Prevention tools, anomaly detection systems, Firewalls, Antivirus and EDR systems, proxy devices, cloud security solution and data leakage prevention system
Assess and investigate potential security threats sourced from other channel leveraging variety of data and tools
Drive a continuous effort to improve SOC process. Execute adhoc tasks or small projects as needed
Undertakes root cause analysis of events, perform risk assessment on threat or vulnerability and make recommendations to improve detection capability
Drive a continuous effort to review and fine tune detection rule/use case/signature to reduce unnecessary noise and increase alert fidelity
Handle threat incidents call like DDOS incidents, adhoc high severity cases including collaboration and escalation to other support groups
Participate in daily and adhoc conference calls, self-assessment processes and documentation related tasks
Stay updated with the latest cybersecurity trends, emerging threats and technologies

Fulltime

SOC Operations Manager

This is an exceptional opportunity to lead, shape, and elevate a Security Operat...

Location

United Kingdom , Hemel Hempstead

Salary:

80000.00 - 90000.00 GBP / Year

Fynity

Expiration Date

Until further notice

Requirements

Proven experience leading SOC operations in a 24×7 or multi-client environment
Strong background in incident management, threat detection, and escalation processes
Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel
A passion for developing teams — coaching analysts and building collaborative, high-performing cultures
Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL
Excellent communication skills, with the ability to translate technical risks into clear business impacts
Security Clearance – Willing and Able to go through the DV process
Have held budgetary responsibility

Job Responsibility

Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence
Oversee the full lifecycle of security incidents — from detection through to resolution and review
Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities
Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards
Oversee vulnerability management, threat intelligence, and incident response plans
Communicate security posture, risks, and incident outcomes clearly to senior stakeholders
Ensure operational readiness and contribute to maintaining industry accreditations

Fulltime

Senior Threat Intelligence Analyst

To deliver timely, actionable threat intelligence that enables the organization ...

Location

Finland , Espoo

Salary:

5600.00 - 6500.00 EUR / Month

ICEYE

Expiration Date

Until further notice

Requirements

Proven experience (5+ years) in information security, threat intelligence, national CERT/CSIRT, intelligence, or law enforcement environments
Extensive hands-on experience (minimum 4 years) using threat intelligence platforms (e.g. MISP) and analysis frameworks such as MITRE ATT&CK in a customer-facing or operational role
Strong capability in analyzing infrastructure-related threats and conducting open-source, deep web, and dark web research
Demonstrated expertise in utilizing STIX/TAXII feeds and automated intelligence sharing solutions
Solid understanding of the Finnish Cyber Security Act (NIS2), GDPR, and applicable local regulations
Industry-recognized certifications such as GIAC Cyber Threat Intelligence (GCTI) or equivalent
Excellent English communication skills, with the ability to translate complex threat intelligence into actionable insights for diverse audiences

Job Responsibility

Integrating actionable threat intelligence into SOC, incident response, and vulnerability management workflows to improve detection and response effectiveness
Analyzing malicious infrastructure, malware, and adversary artifacts to extract high-fidelity IOCs and map TTPs using frameworks such as MITRE ATT&CK
Enabling threat detection, attribution, and information sharing through the effective use of threat intelligence platforms, STIX/TAXII feeds, and automated intelligence sharing mechanisms
Producing and disseminating clear, timely operational and tactical intelligence products, including threat briefings, reports, and summaries tailored to technical teams and senior leadership
Providing expert intelligence support during major security incidents by correlating external threat data with internal telemetry
Enhancing threat hunting activities by supplying contextual intelligence that identifies emerging threats and suspicious behaviors within the environment
Delivering actionable cyber resilience recommendations based on threat intelligence and OSINT analysis, aligned with regulatory and legal requirements

What we offer

Occupational healthcare, occupational, and accident insurance
A yearly benefit budget to spend as you wish (i.e. on sport, transport, bike benefit, wellness, lunch, etc.)
Phone subscription with iPhone of choice
Relocation support (i.e. flight tickets, accommodation, relocation agency support)
Time for self-development, research, training, conferences, or certification schemes
Inspiring and collaborating offices and silent workspaces enable you to focus

Fulltime

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...

Location

Singapore , Singapore

Salary:

Not provided

Marriott Bonvoy

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
scripting or programming language, including Python
Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
use case development experience on the Exabeam platform preferred
working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
working knowledge of the MITRE ATT&CK Framework preferred

Job Responsibility

Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
inform and consult other cyber ops teams of required data onboarding and integrations for use case development
develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
document developed security monitoring content in a documentation registry using department standard templates and methodologies
manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues

Fulltime

Senior SOC Analyst

We are seeking a Senior SOC Analyst to lead advanced security monitoring, incide...

Location

South Africa , South Africa

Salary:

Not provided

Overture Rede

Expiration Date

Until further notice

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or a related field
3–5 years of experience in SOC operations, incident response, or advanced security monitoring roles
One or more of the following advanced certifications: GIAC GCFA (Forensic Analyst) or GNFA (Network Forensics Analyst) GIAC GCTI (Cyber Threat Intelligence) GIAC GSOC (Security Operations Certified) CREST Registered Intrusion Analyst (CRIA) Advanced tool/vendor certifications (e.g., Splunk Enterprise Security Admin, Elastic Security Specialist)
Strong expertise in digital forensics, incident handling, and threat intelligence
Advanced knowledge of MITRE ATT&CK and threat actor TTPs
Proficiency in SIEM query languages (SPL, KQL, Lucene)
Experience working in 24×7 enterprise or MSSP SOC environments
Strong reporting, documentation, and stakeholder communication skills

Job Responsibility

Lead advanced incident response activities, including containment, eradication, and recovery
Perform digital and network forensic investigations to support incident analysis
Conduct proactive threat hunting and advanced detection engineering
Analyze threat intelligence and correlate with internal security events
Design, tune, and optimize SIEM and SOAR use cases and detection rules
Serve as an escalation point for complex security incidents
Provide mentorship and technical leadership to junior and intermediate SOC analysts
Develop SOC playbooks, procedures, and post-incident reports
Collaborate with security architecture and risk teams to improve security posture

What we offer

Higher responsibility than junior role
Career growth opportunity
Strong job security

Fulltime

SOC Analyst Senior Cyber Security Engineer

Job Description: Minimum 2-year experience working in security operations enviro...

Location

India , Noida

Salary:

Not provided

Sopra Steria

Expiration Date

Until further notice

Requirements

Minimum 2-year experience working in security operations environment or 2 years’ experience in IT operations Data Centre, SOC/NOC
Should know and able to contribute to MSSP services (Managed Security Services Provider)
Ensure thorough knowledge of Protection of Personal Identifiable Information and GDPR
Certification (Must): SC:200 / SC:900
CC2 - Certified in CyberSecurity
Engineering graduate - preferably B.E. /B.Tech in IT or Computer Engineering
At least one Certification Preferred - CC2 - Certification in CyberSecurity
SC-900: Microsoft Security, Compliance, and Identity Fundamentals certified
SC-200: Microsoft Security Operations Analyst
ready for 24x7 support services

Job Responsibility

Ensure all threats at customer environment are detected and notified in timely manner
Continuous review of Incidents to ensure compliance with standard operating procedures
Provide training and feedback to Security Analysts to ensure quality deliverables
Identify and execute continuous improvements in monitoring, including threat scenarios and operating procedures
Interact with customers on queries and improvements related to service deliverables
Perform root cause analysis for any errors /deficiencies pointed out in the monitoring service
Review the alert to determine relevancy and urgency, create new trouble tickets for incident

SOC Cyber Threat Senior Analyst

Citi

Location:
Singapore , Singapore

Category:
IT - Administration

Contract Type:
Not provided

Salary:

Job Description:

Job Responsibility:

Requirements:

Nice to have:

Additional Information:

Job Posted:
January 04, 2026

Looking for more opportunities? Search for other job offers that match your skills and interests.

Similar Jobs for SOC Cyber Threat Senior Analyst