Senior Analyst, Cyber Defence (SOC)

Role: SOC Analyst

Title: Senior Analyst, (Cyber Defence - SOC)

Location: Bangalore, India 

About Circles

Founded in 2014, Circles is a global technology company reimagining the telco industry with its SaaS platform - Circles X, helping telco operators launch and operate successful digital brands through its offerings.

Having pioneered a successful blueprint for disrupting the telco space in Singapore, Circles has since launched its own digital telco, Circles.Life, in Singapore, Taiwan and Australia. Circles has also partnered with other telco operators to launch digital services, enabling our partners to accelerate growth and capture market share within a short period of time.

Today, Circles is partnering with operators in 14 countries to deliver delightful digital experiences to millions of people through our businesses.

We are backed by global investors such as Sequoia, Warburg Pincus, EDBI and Founders Fund – renowned backers of industry-shaking innovators.

What You'll Do

In the role of a Security Incident Specialist, your responsibilities will involve providing support to Circles’ Group SOC team, including cyber security incident response, automating SOC alert handling, reducing manual efforts, increasing efficiency and productivity of the SOC team. 

Your duties encompass managing threat intelligence, monitoring security events, conducting security incident investigations, performing forensic analysis, and coordinating security incident responses for Circles' global systems and data. You will have a pivotal role in carrying out cyber security incident response with DevSecOps mindset. 

What we are looking are looking for: -

Essential:

• Bachelor’s degree (or equivalent experience) in Computer Science, Engineering, or other technical field.
• 1+ years of direct information security and or Security Operations Center (SOC) experience in a global IT environment.

• Demonstrate a track record of successfully correlating events and conducting effective assessments of observed indicators of attacks (IOA).
• Showcase expertise in utilizing Security Information and Event Management (SIEM) systems, coupled with a refined alert triage process.
• Leverage substantial experience in building sophisticated Security Orchestration, Automation, and Response (SOAR) workflows.
• Possess a deep understanding of the OWASP Top 10 and the ability to intricately link vulnerabilities to real-world threat scenarios.
• Apply strong analytical and problem-solving skills to proactively identify and address emerging security challenges.
• Expertise in scripting (e.g., Python, Bash) and programming languages (e.g., PowerShell, JavaScript) is vital for automating tasks and bolstering incident response capabilities, reflecting the dynamic nature of cybersecurity. Adaptability and ongoing learning are essential traits in our environment.

Requirements:

Alert Triage:

• Analyze and assess security alerts with precision to identify potential threats.
• Prioritize alerts based on severity, potential impact, and risk to the organization.
• Execute incident response processes and procedures to effectively address security incidents.
• Demonstrate technical proficiency in using alert triage tools, including SIEM systems and related security technologies.
• Effectively communicate findings, collaborate with security professionals, and document triage processes accurately.
• Distinguish between false positives and actual security incidents with attention to detail.
• Apply knowledge of common attack vectors, tactics, techniques, and procedures (TTPs).
• Collaborate with team members and cross-functional departments to ensure effective response to security incidents.
• Stay updated on the latest threats, vulnerabilities, and security technologies through continuous learning.
• Proficient in log parsing, pipeline creation, and filtering techniques, along with data normalization for improved alert triaging and ability to apply contextual analysis during log processing to grasp the broader security implications of entries.

Automation Experience

• Engaged in hands-on activities to build and refine automated workflows within a SOAR framework.
• Integrated the SOAR platform with diverse security tools and APIs, employing both pre-built and custom applications.
• Identified, assessed, and proposed innovative improvements for SOAR processes and playbooks.
• Proficient in employing scripting languages like Bash, Go, Python, or JSON to automate SOC functions.
• Demonstrated strong proficiency in Linux, shell scripting, and executing API and Microservices calls.
• Experience with SOAR tools such as SwimLane or Shuffle SOAR framework would be an added benefit.
• OSCP, GCIH/GCIA certifications or has plan to obtain in future is good to have.

Flexibility:

Ability to work in 24x7 environments as per business needs.

To all recruitment agencies: Circles will only acknowledge resumes shared by recruitment agencies if selected in our preferred supplier partnership program.

Please do not forward resumes to our jobs alias, Circles employees or any other company location. Circles will not be held accountable for any fees related to unsolicited resumes not uploaded via our ATS.

Circles is committed to a diverse and inclusive workplace. We are an equal opportunity employer and do not discriminate on the basis of race, national origin, gender, disability or age.