Senior Security Operations Center Analyst

No salary information
Senior · Full-time
#359208 · Added 9 months ago · 0
Source: Capital.com

Tech Stack / Keywords

Security, Cloud, SIEM, Testing, Splunk, AWS, GCP, Linux

Company and position

Be a key player at the forefront of the digital assets movement, propelling your career to new heights! Join a dynamic and rapidly expanding company that values and rewards talent, initiative, and creativity. Work alongside one of the most brilliant teams in the industry.


Requirements

  • 5+ years in Security Operations / Incident Response / Blue Team
  • 3+ years in Security Engineering, SRE, or platform engineering roles (can be combined with the above)
  • Deep familiarity with SIEM/SOAR platforms (e.g., Elastic, Splunk, Sentinel, Cortex XSOAR)
  • Advanced understanding of cloud services (AWS/GCP), Linux, as well as network and endpoint forensics
  • Strong familiarity with security standards (OWASP Top 10, OWASP ASVS, NIST CSF, CIS Benchmarks)
  • Strong scripting and automation skills (Python, Bash, etc.)
  • Demonstrated experience contributing to process improvement, documentation, and response strategy
  • Understanding of regulatory frameworks (DORA, ISO 27001, PCI DSS) and how they shape incident response requirements
  • Strong experience in high-tempo environments with incident response lifecycle, root cause analysis documentation, and on-call participation
  • Excellent written and verbal communication; able to translate technical findings for non-technical stakeholders

Responsibilities

  • Investigate complex and high-severity security incidents with autonomy and technical depth
  • Perform root cause analysis and contribute to post-incident reviews and knowledge-sharing
  • Develop and refine advanced threat hunting queries both proactively and in time-critical incident response settings
  • Contribute to the continuous evolution of response playbooks for emerging threats
  • Support and guide more junior analysts through technical reviews and pairing where appropriate
  • Participate in internal and external red teaming exercises and contribute actionable technical feedback
  • Identify improvements and contribute to strategies to tune and optimize SIEM/SOAR alerts to reduce noise and increase fidelity
  • Identify gaps in detection coverage and propose relevant log sources and telemetry
  • Collaborate with SIEM engineering to improve logging and data normalisation
  • Participate in alert reviews and retrospective sessions, contributing with hands-on expertise
  • Automate repetitive SOC processes (e.g., alert enrichment, triage workflows)
  • Build integrations, preferably code-based, between third-party and in-house products for SOAR/security platform pipelines
  • Contribute to tooling design that improves triage speed and consistency
  • Act as a technical contributor on cross-functional initiatives involving SIEM, IAM, AppSec, InfraSec, Compliance, and Risk teams
  • Deliver security enhancements across monitoring, containment, and remediation layers
  • Provide technical input on platform changes to ensure coverage and visibility for SOC is maintained
  • Support alignment of SOC processes with DORA, ISO 27001, PCI DSS, etc.
  • Support evidence generation and control effectiveness testing
  • Work closely with Audit, GRC, and Compliance functions

Offer

  • Competitive salary
  • Work-life harmony with hybrid work model
  • Annual performance bonus
  • Generous annual leave policy
  • Employee referral program with rewards
  • Comprehensive health and pension benefits including medical insurance and pension plans
  • 30 extra days to work remotely from anywhere in the world (some restrictions apply)
  • Two additional paid volunteer days per year

Bonuses · Paid leave · Healthcare
Capital.com

17 active job listings
