About the jobOur client is a global IT solution provider specializing in cybersecurity, cloud infrastructure, and digital transformation. They are now looking for a Senior Security Analyst to develop SOC in Hong Kong and to build new Managed Security Service (MSS) offerings.Key Responsibilities: Incident Response & Investigation: Serve as a key point for security incident handling by performing in-depth Level 2 analysis and investigation to determine root cause. CSIRT Escalation & Collaboration: Escalate critical incidents to the CSIRT team for further investigation, demonstrating excellent collaboration skills to ensure timely resolution and minimize customer impact. Remediation & Customer Support: Develop and provide detailed remediation recommendations to customers within agreed SLAs, offering implementation assistance when required. Proactive Threat Management: Proactively collaborate with customers to build threat detection use cases, reduce incident noise, and develop correlation logic. Enable junior regional analysts to focus on high-priority incidents. Threat Intelligence Integration: Evaluate and integrate third-party threat intelligence feeds into our Managed Security Services (MSS) platforms to enhance customer value. Reporting & Presentation: Prepare and customize monthly SOC reports based on business requirements. Present these reports to customers, clearly articulating risks and proposed mitigation plans. Project Leadership for Onboarding: Lead new customer deployment projects by coordinating closely with the customer, regional teams, and stakeholders during the build phase, taking end-to-end responsibility for a successful go-live. Process Improvement: Identify gaps in existing SOC processes and work with internal teams to develop and modify Standard Operating Procedures (SOPs). Drive the automation of routine tasks to enhance operational efficiency. Knowledge Management & Enablement: Empower regional security analysts to deliver seamless L1 support by developing comprehensive SOC playbooks and a robust knowledge base. Team Leadership: Lead and mentor junior analysts in day-to-day operations, ensuring effective incident handling, adherence to SLAs, and professional responses to customer requests.Please note that due to the high number of applications only shortlisted candidates will be contacted. If you do not hear from us in the next 5 business days, we regret to inform you that your application for this position was unsuccessful.

Job Requirements: With a Bachelor’s degree in Computer Science/IT/Information security Candidate should have at least 3 years of experience working in SOC and MSS environments, Excellent hands-on experience in implementations, incident analysis of SIEM technologies e.g. Sentinel, Splunk, QRader, Alienvault, etc. Hands on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if CrowdStrike, Cisco AMP for endpoint. Hands on experience on email security solutions. Preferred if that is on Cisco Email Solutions. Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet. Good understanding of WIN, LINUX environments and well versed with basic LINUX commands and troubleshooting, with a proven Unix (Solaris, Linux, BSD) experience. Knowledge on any shell scripting language, and to apply them to automate mundane operations tasks. Understanding of basic network concepts and advantage if exposure to cloud technologies.