CrawlJobs Logo

SOC Incident Responder

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Singapore , Singapore

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Info Sec Tech Lead Analyst is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Job Responsibility:

  • Identify opportunities to automate and standardize information security controls and for the supported groups
  • Resolve any vulnerabilities or issues detected in an application or infrastructure
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Scan and analyze applications with automated tools, and perform manual testing if necessary
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Requirements:

  • 6-10 years of relevant experience
  • Advanced proficiency with Microsoft Office tools and software
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred

Additional Information:

Job Posted:
December 29, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for SOC Incident Responder

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Operations Security Consultant

The Operations Security Consultant is responsible for the end-to-end management ...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8 to 12 years experience
  • B.E./ B.Tech./ MCA degree
  • Hands-on expertise with QRadar SIEM, SOC operations, and incident response
  • Proficiency in security frameworks: NIST CSF, CIS Controls, DORA, GDPR
  • Experience with vulnerability management, threat hunting, and risk assessment methodologies
  • Familiarity with automation, SOAR solutions, and operational workflow optimization
  • Strong experience on at least one technical environment: Cloud (AWS/Azure), Mainframe, Datawarehouse, Database, O365
  • CISSP or CISM certification preferred
Job Responsibility
Job Responsibility
  • Oversee Daily security operations and maintain operational excellence
  • Manage 24/7 monitoring, triage, investigation, and resolution of security incidents via SIEM (QRadar)
  • Coordinate incident management efforts across internal teams and external stakeholders
  • Develop, fine-tune, and manage security detection rules, use cases, and threat intelligence integration
  • Implement continuous improvement processes using KPIs, operational reviews, and performance metrics
  • Manage Lead SOC analysts, threat hunters, and incident responders
  • Facilitate collaboration across engineering, compliance, and client teams
  • Ensure compliance with ISO 27001, NIST CSF, CIS Controls, DORA, GDPR, and client-specific standards
  • Lead preparation of audits, client reports, and executive dashboards
  • Maintain risk treatment plans aligned with ISO 27001 standards
What we offer
What we offer
  • Commitment to fighting against all forms of discrimination
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime
Read More
Arrow Right

Managed Services Operations Specialist

The Managed Services Operations Specialist is a skilled cybersecurity specialist...
Location
Location
Romania , Bucuresti
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 1 year of experience working in an industry standard SOC in security analysis/incident handling and security monitoring
  • Experience or at least knowledge of Cloud technologies (Azure preferred)
  • Experienced in SIEM (Sentinel, Splunk, QRadar Chronicle, McAfee, CryptoSIM, Logsign etc.) and SOAR products
  • Knowledgeable in security topics such as next gen firewalls (Fortinet, PaloAlto, CheckPoint) and other network security devices and software such as WAF, DLP, anti-virus/anti-malware, threat intelligence, etc.
  • General understanding of attacker tools, tactics and techniques and referencing on MITRE ATT&CK, knowledge of MITRE Shield
  • Familiar with tools for malware analysis, open-source threat Intelligence and SOAR
  • Detail-oriented, problem-solving mindset with critical and analytical thinking
  • Ethical integrity, good at teamwork, responsible and highly motivated
  • Result-oriented, inquisitive, eager to learn new threats, technologies, and security practices
  • Fluent in English to read and interpret global reports and technical articles published in the field of cybersecurity
Job Responsibility
Job Responsibility
  • Monitor security access and identify security incidents using Security Information and Event Management (SIEM) tools
  • Ensure continuity and availability of the modular platform components and security systems required
  • Perform initial analysis and investigation of security alerts to differentiate false positives from true incidents. This includes understanding attack vectors, malware behavior, and the potential impact of different types of threats
  • Document security incidents and actions taken in response
  • Escalate complex incidents to higher-level SOC threat responders and experts for further analysis and resolution, working in partnership with the L2 Central SOC teams and other SOCs
  • Participate in developing incident response protocols and procedures
What we offer
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime
Read More
Arrow Right

Cybersecurity Operations Analyst

We are seeking an experienced Cybersecurity Operations Analyst to support securi...
Location
Location
United States , Ames
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree and 2+ years of Security Operations or SOC experience
  • 3+ years of experience as a SOC Analyst, Incident Responder, or similar role
  • Understanding of core security controls (malware protection, firewalls, IDS/IPS, proxies, encryption, log management, etc.)
  • Strong analytical and critical thinking skills
  • Excellent time management, attention to detail, and ability to adapt to changing priorities
  • Ability to work in a hybrid schedule and travel occasionally within the region
Job Responsibility
Job Responsibility
  • Monitor security events using SIEM and EDR platforms
  • Assist with configuration and tuning of SIEM and EDR tools
  • Participate in an on‑call rotation for after-hours security support
  • Conduct internal phishing simulations and analyze reported phishing incidents
  • Support threat modeling efforts by assessing business impact and analyzing vulnerabilities
  • Assist with internal and external audit activities as required
  • Participate in the organization’s Cybersecurity Incident Response Team, using established processes to detect, respond to, and recover from security incidents
  • Stay current on Cybersecurity trends and emerging technologies to provide informed recommendations
  • Perform Identity & Access Management functions, including approval of RBAC and temporary access escalations
  • Create and maintain internal security awareness training, including content related to incident response, phishing, and role‑based training requirements
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

We are working with a leading UK IT solutions and managed services provider that...
Location
Location
United Kingdom
Salary
Salary:
50000.00 GBP / Year
dynamicsearch.co.uk Logo
Dynamic Search Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in SOC operations, digital forensics, incident response or threat detection
  • Experience leading complex security investigations and responding to high severity incidents
  • Advanced experience working with SIEM platforms, ideally Microsoft Sentinel and Defender XDR
  • Strong KQL knowledge for threat hunting and detection development
  • Experience using scripting languages such as Python or PowerShell for automation
  • Familiarity with digital forensics and investigation tools such as Velociraptor, KAPE or sandbox environments
  • Excellent written and verbal communication skills with the ability to present technical findings clearly
  • Comfortable mentoring junior team members and contributing to team development
Job Responsibility
Job Responsibility
  • Incident Response & Forensics: Lead complex security incidents from detection to remediation, coordinate containment, analyse attacker activity, and support client decision-making during high-severity events
  • Threat Hunting & Detection Engineering: Proactively hunt for threats using advanced KQL analytics, tune SIEM/EDR detections, and develop signatures aligned with MITRE ATT&CK
  • Malware Analysis & Reverse Engineering: Perform malware triage and behavioural analysis, using reverse-engineering tools when required
  • Client Reporting & Communication: Produce clear, high-quality investigation reports, timelines, and intelligence summaries for both technical and non-technical audiences
  • SOC Leadership & Continuous Improvement: Contribute to SOC playbooks, mentor junior analysts, support onboarding of new clients, and enhance processes and tooling
  • On-Call Support: Participate in the 24×7 on-call rota to provide expert support during critical incidents
What we offer
What we offer
  • Fully remote working across the UK
  • Competitive salary with additional benefits depending on experience
  • Opportunity to work within a mature and well supported Security Operations environment
  • Ongoing professional development and training opportunities
  • Exposure to a wide range of client environments and security challenges
  • Supportive culture with a strong focus on collaboration and continuous improvement
  • Fulltime
Read More
Arrow Right

Principal Cybersecurity Incident Analyst

The Principal Analyst Cybersecurity Incident is a key role responsible for manag...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Technology or Computer Science preferred
  • Relevant certifications such as SANS GIAC Security Essentials (GSEC)
  • At least 5 years of experience in the technology information security industry
  • Hands-on experience in administering & managing SIEM platforms Palo Alto XSIAM, Splunk, Microsoft Sentinel etc.
  • Hands-on experience to Analyse logs/events from SIEM solution, wireshark and other infrastructure
  • Deep knowledge of cybersecurity concepts, technologies, and best practices
  • Experience in working in Security Operation Centre and Network Security operations
  • Hands-on experience in administering & managing Vulnerability Management solutions like Qualys, Tenable etc.
  • Hands-on experience in administering & managing SOAR Palo Alto Cortex XSOAR or other SOAR solutions
  • Expertise in writing new and interpreting query language SPL, KQL, XQL
Job Responsibility
Job Responsibility
  • Act like a SIEM consultant who provides expertise and guidance to organizations in setting up, managing, and improving their SOC capabilities
  • Look over dashboards, and reports from the previous day or shift, including checking for any new threats and identifying malware
  • Prepare for and respond to system breaches or attacks
  • Respond to hacks or network insecurities and working to prevent new ones
  • Participate in a shift roster which may comprise of shifts business hours and after hours
  • Assessing SIEM maturity: Evaluating the existing SIEM setup and capabilities of an organization
  • Developing or refining the SIEM infrastructure, the architecture, tools, processes, and workflows of a SOC
  • Implementing security technologies when necessary: Assessing, selecting, and implementing various security technologies such as SIEM, SOAR systems, intrusion detection systems, threat intelligence platforms, and incident response tools
  • Support the Security Management Lifecycle including: monitoring, investigation, research, correlation, trend analysis, remediation and siem configuration
  • Developing security policies and procedures: Assisting in developing, documenting, maintaining SOC standard operating procedures (SOPs), incident response plans, playbooks, and other security policies
  • Fulltime
Read More
Arrow Right

Sr. Manager, Security Engineering

This is a high-visibility leadership role within the Security organization, repo...
Location
Location
United States
Salary
Salary:
232000.00 - 278000.00 USD / Year
illumio.com Logo
Illumio
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrable experience leading and managing global teams in a technology company
  • At least 3 years in a people management position
  • 3-5 years hands-on technical experience in Incident Response and Security Operations roles
  • Cloud Security experience required, preferably across multiple cloud platforms such as Azure and AWS
  • Deep understanding of Security Tools and Technologies such as Sentinel, Defender for Cloud, CSPM tools, WAF, IAM, EDR, DLP
  • Experience measuring SOC/SIEM performance and reporting metrics
Job Responsibility
Job Responsibility
  • Help shape the strategic direction of the Security Program with knowledge and experience in all facets of Detection, Response and Recovery
  • Guide and support a global team of SOC Analysts, Security Engineers, Incident Responders and Threat Hunters
  • Drive use of Illumio’s own products to keep us secure and improve core capabilities for our customers by providing direct feedback to our Product Management teams
What we offer
What we offer
  • Medical, Dental, Vision Coverage
  • Health and Dependent Savings Accounts
  • Life and Disability Programs
  • Paid Parental Leave
  • Voluntary Benefit Programs
  • Company Sponsored Wellness Program
  • Wellness Reimbursement Program
  • Retirement Savings
  • Equity Opportunities
  • Paid time off and Paid Holidays
  • Fulltime
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy