CrawlJobs Logo

SOC Incident Responder

https://www.citi.com/ Logo

Citi

Location Icon

Location:
Singapore , Singapore

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Info Sec Tech Lead Analyst is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Job Responsibility:

  • Identify opportunities to automate and standardize information security controls and for the supported groups
  • Resolve any vulnerabilities or issues detected in an application or infrastructure
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Scan and analyze applications with automated tools, and perform manual testing if necessary
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Requirements:

  • 6-10 years of relevant experience
  • Advanced proficiency with Microsoft Office tools and software
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Master’s degree preferred

Additional Information:

Job Posted:
December 29, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Citi - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for SOC Incident Responder

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

L2 SOC Analyst

Quzara, a leading Cyber Security Firm, is seeking a highly skilled and experienc...
Location
Location
United States
Salary
Salary:
Not provided
quzara.com Logo
Quzara
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5+ years of experience in a SOC Analyst role at a SOC/MXDR or MSSP with L2 experience
  • Strong understanding of networking technologies
  • Experience with Microsoft security technologies such as Microsoft Sentinel and M365 Defender
  • Strong understanding of security best practices and incident response procedures
  • Experience with deep threat intelligence
  • Strong proficiency with KQL Queries
  • Strong verbal and written communication skills
  • Strong analytical and problem-solving skills
  • Azure experience working with azure security is a must
  • Experience with scripting languages such as Python, PowerShell, and JavaScript
Job Responsibility
Job Responsibility
  • Monitor and analyze security events utilizing advanced security technologies and tools such as Microsoft Sentinel, Defender technologies, and Log Analytics
  • Utilize deep threat intelligence to identify and investigate potential security threats
  • Respond to and triage security incidents, escalating as necessary
  • Utilize proficiency in KQL Queries to conduct investigations and gain insights into potential security threats
  • Collaborate with other teams to resolve security incidents and improve overall security posture
  • Participate in incident response efforts and assist in forensic investigations, adhering to NIST guidelines
  • Continuously improve security operations through the identification of trends and anomalies
  • Communicate security incidents and findings to stakeholders and management
  • Fulltime
Read More
Arrow Right

Director - Cyber Incident Response

The Cyber Incident Response Director will play a key role in building and leadin...
Location
Location
India , Pune
Salary
Salary:
Not provided
cencora.com Logo
Cencora
Expiration Date
February 28, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related discipline required
  • Master’s degree preferred
  • 10–15 years of progressive experience in cybersecurity
  • at least 5 years focused on SOC operations or incident response
  • Minimum of 5 years in a people management role, leading incident response or SOC analyst teams
  • Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, Microsoft Defender, etc)
  • Proven experience responding to advanced threats, ransomware, phishing campaigns, and insider incidents
  • Demonstrated success in building or scaling SOC teams in a global enterprise environment
  • Strong communication skills, with the ability to brief technical and non-technical stakeholders during incidents
  • Strong knowledge of incident response methodology, SOC operations, and security frameworks (e.g., NIST, MITRE ATT&CK)
Job Responsibility
Job Responsibility
  • Build, lead and manage the SOC team in Pune, including hiring, training, mentoring, and performance management of analysts and responders
  • Oversee daily incident detection, analysis, containment, eradication, and recovery efforts
  • Serve as the escalation point for high-priority or complex cyber incidents, ensuring timely response and communication to global stakeholders
  • Develop and maintain incident response playbooks, runbooks, and standard operating procedures
  • Partner with global SOC teams to align processes, technology, and reporting standards
  • Collaborate with threat intelligence, vulnerability management, forensics, and insider threat teams to drive a unified defense strategy
  • Manage relationships with key stakeholders in IT, Legal, Compliance, and Corporate Security during incident investigations
  • Provide executive-level reporting and updates on incident trends, SOC performance metrics, and operational risks
  • Ensure incident response activities comply with global regulatory and organizational requirements
  • Drive continuous improvement of detection rules, automation, and response workflows in the SOC
  • Fulltime
Read More
Arrow Right

Operations Security Consultant

The Operations Security Consultant is responsible for the end-to-end management ...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.soprasteria.com Logo
Sopra Steria
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8 to 12 years experience
  • B.E./ B.Tech./ MCA degree
  • Hands-on expertise with QRadar SIEM, SOC operations, and incident response
  • Proficiency in security frameworks: NIST CSF, CIS Controls, DORA, GDPR
  • Experience with vulnerability management, threat hunting, and risk assessment methodologies
  • Familiarity with automation, SOAR solutions, and operational workflow optimization
  • Strong experience on at least one technical environment: Cloud (AWS/Azure), Mainframe, Datawarehouse, Database, O365
  • CISSP or CISM certification preferred
Job Responsibility
Job Responsibility
  • Oversee Daily security operations and maintain operational excellence
  • Manage 24/7 monitoring, triage, investigation, and resolution of security incidents via SIEM (QRadar)
  • Coordinate incident management efforts across internal teams and external stakeholders
  • Develop, fine-tune, and manage security detection rules, use cases, and threat intelligence integration
  • Implement continuous improvement processes using KPIs, operational reviews, and performance metrics
  • Manage Lead SOC analysts, threat hunters, and incident responders
  • Facilitate collaboration across engineering, compliance, and client teams
  • Ensure compliance with ISO 27001, NIST CSF, CIS Controls, DORA, GDPR, and client-specific standards
  • Lead preparation of audits, client reports, and executive dashboards
  • Maintain risk treatment plans aligned with ISO 27001 standards
What we offer
What we offer
  • Commitment to fighting against all forms of discrimination
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime
Read More
Arrow Right

Managed Services Operations Specialist

The Managed Services Operations Specialist is a skilled cybersecurity specialist...
Location
Location
Romania , Bucuresti
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 1 year of experience working in an industry standard SOC in security analysis/incident handling and security monitoring
  • Experience or at least knowledge of Cloud technologies (Azure preferred)
  • Experienced in SIEM (Sentinel, Splunk, QRadar Chronicle, McAfee, CryptoSIM, Logsign etc.) and SOAR products
  • Knowledgeable in security topics such as next gen firewalls (Fortinet, PaloAlto, CheckPoint) and other network security devices and software such as WAF, DLP, anti-virus/anti-malware, threat intelligence, etc.
  • General understanding of attacker tools, tactics and techniques and referencing on MITRE ATT&CK, knowledge of MITRE Shield
  • Familiar with tools for malware analysis, open-source threat Intelligence and SOAR
  • Detail-oriented, problem-solving mindset with critical and analytical thinking
  • Ethical integrity, good at teamwork, responsible and highly motivated
  • Result-oriented, inquisitive, eager to learn new threats, technologies, and security practices
  • Fluent in English to read and interpret global reports and technical articles published in the field of cybersecurity
Job Responsibility
Job Responsibility
  • Monitor security access and identify security incidents using Security Information and Event Management (SIEM) tools
  • Ensure continuity and availability of the modular platform components and security systems required
  • Perform initial analysis and investigation of security alerts to differentiate false positives from true incidents. This includes understanding attack vectors, malware behavior, and the potential impact of different types of threats
  • Document security incidents and actions taken in response
  • Escalate complex incidents to higher-level SOC threat responders and experts for further analysis and resolution, working in partnership with the L2 Central SOC teams and other SOCs
  • Participate in developing incident response protocols and procedures
What we offer
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Sr. Manager, Security Engineering

This is a high-visibility leadership role within the Security organization, repo...
Location
Location
United States
Salary
Salary:
232000.00 - 278000.00 USD / Year
illumio.com Logo
Illumio
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrable experience leading and managing global teams in a technology company
  • At least 3 years in a people management position
  • 3-5 years hands-on technical experience in Incident Response and Security Operations roles
  • Cloud Security experience required, preferably across multiple cloud platforms such as Azure and AWS
  • Deep understanding of Security Tools and Technologies such as Sentinel, Defender for Cloud, CSPM tools, WAF, IAM, EDR, DLP
  • Experience measuring SOC/SIEM performance and reporting metrics
Job Responsibility
Job Responsibility
  • Help shape the strategic direction of the Security Program with knowledge and experience in all facets of Detection, Response and Recovery
  • Guide and support a global team of SOC Analysts, Security Engineers, Incident Responders and Threat Hunters
  • Drive use of Illumio’s own products to keep us secure and improve core capabilities for our customers by providing direct feedback to our Product Management teams
What we offer
What we offer
  • Medical, Dental, Vision Coverage
  • Health and Dependent Savings Accounts
  • Life and Disability Programs
  • Paid Parental Leave
  • Voluntary Benefit Programs
  • Company Sponsored Wellness Program
  • Wellness Reimbursement Program
  • Retirement Savings
  • Equity Opportunities
  • Paid time off and Paid Holidays
  • Fulltime
Read More
Arrow Right

Security Operations Analyst

The Security Operations Analyst is a member of the IT Infrastructure & Security ...
Location
Location
India , Gurugram
Salary
Salary:
Not provided
spectramedix.com Logo
SpectraMedix
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–4 years of experience in security operations, SOC, or incident response roles
  • Hands-on experience monitoring and responding to security alerts
  • Familiarity with endpoint detection and response (EDR), SIEM, and log monitoring tools
  • Working knowledge of: Networking items (TCP/IP, DNS, HTTPS, SSH, SFTP). Authentication and access control concepts. Intrusion detection, malware, phishing, and common attack techniques
  • Experience working within documented procedures and escalation models
  • Must have worked with US based clients in onsite/off shore delivery model
  • Strong verbal and written communication, technical articulation, listening, and presentation skills are essential
  • Should have proven analytical and problem-solving skills
  • Demonstrated expertise in prioritization, time management, and stakeholder management (both internal and external) is necessary
  • Should be a quick learner, self-starter, proactive, and an effective team player
Job Responsibility
Job Responsibility
  • Monitor, triage, and investigate security alerts generated by security tools (e.g., Sophos, Azure Monitor, Log360, server OS and application logs)
  • Act as the first responder for confirmed security events, including malware detections, suspicious logins, anomalous system behavior, and phishing reports
  • Perform containment actions (e.g., isolate endpoints, disable accounts, block indicators) following approved procedures
  • Escalate incidents to the IT Security Analyst or Incident Response team with documented findings and evidence
  • Maintain accurate incident records, timelines, and response actions in incident tracking systems
  • Execute daily, weekly, monthly, quarterly, and annual security operational tasks as defined in the System Security Plan and security runbooks
  • Review endpoint, server, and system logs for indicators of compromise or policy violations
  • Validate vulnerability scan results and assist with remediation tracking
  • Assist with access reviews, security control verification, and operational evidence collection
  • Analyze reported phishing emails and user-submitted security issues or concerns
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy