Security Operations Center Analyst

About the role

The Security Operations Center (SOC) Analyst will join the bank’s cyber‑defense team, monitoring the network for threats, responding to incidents, and supporting security tooling. The role requires a solid understanding of the bank’s technical environment and the ability to differentiate malicious activity from normal behavior.

Key responsibilities

• Detect, identify, and alert on potential attacks, intrusions, and anomalous activities.
• Research, analyze, and correlate data from multiple security sources.
• Respond to incidents 24/7, assess escalation risk, and coordinate mitigation actions.
• Produce daily, weekly, and monthly reports on network events and cyber‑defense activities.
• Maintain accurate incident records and develop knowledge‑base articles for recurring issues.
• Monitor threat‑intelligence feeds and perform weekly backups and health checks of security devices.
• Coordinate with OEMs and support providers for updates, upgrades, and technical issues.
• Implement, configure, and fine‑tune SIEM solutions, including correlation rule creation.
• Manage security infrastructures such as DLP, EDR, XDR, antivirus, data security, and data classification tools.
• Create templates and conduct vulnerability assessments of the IT infrastructure.

Required profile

• Strong knowledge of computer networking concepts, protocols, and network security methodologies.
• Understanding of cyber threats, vulnerabilities, and incident response processes.
• Familiarity with vulnerability information sources (alerts, advisories, bulletins).
• Knowledge of intrusion detection techniques, network traffic analysis, and emerging cybersecurity technologies.
• Awareness of cybersecurity and privacy principles (confidentiality, integrity, availability, authentication, non‑repudiation).

Required skills

• SIEM implementation, administration, and rule development.
• DLP, EDR, XDR, antivirus, and data classification tools.
• Vulnerability assessment and penetration testing tools (e.g., Nmap, fuzzing tools).
• Network analysis tools for identifying vulnerabilities.
• Social engineering techniques (phishing, baiting, tailgating).
• Endpoint security solutions (EDR, XDR, AV).
• Threat‑intelligence feed monitoring.