Act as the senior on-shift security operations lead for SEA coverage
Serve as the primary escalation point for Tier 1 analysts in the region
Ensure consistent, high-quality alert triage, investigation, and documentation
Review and validate high-risk, ambiguous, or complex alerts before escalation
Perform hands-on investigations alongside analysts when needed
Own shift handoffs with EMEA and US leads to ensure continuity of operations
Maintain situational awareness of ongoing investigations and regional risk
Coach and mentor 1–2 SOC analysts, improving investigation quality and decision-making
Ensure playbooks, runbooks, and escalation paths are followed correctly
Identify recurring alert quality issues, false positives, and process gaps and raise them to global SOC leadership
Contribute to improving detection quality, operational workflows, and documentation standards
Represent SEA operations in cross-region SOC syncs and operational discussions
Requirements
5+ years of experience in SOC, security operations, or security monitoring roles
Prior experience as a senior analyst, shift lead, or acting lead in a SOC environment
Strong hands-on experience with:
  Security alert triage and investigation
  Incident severity assessment and escalation decisions
  Coordinating investigations during active incidents
Strong understanding of:
  Networking fundamentals (TCP/IP, DNS, HTTP/S)
  Windows and macOS endpoint behavior
  Cloud and SaaS logging concepts
  Common attack techniques (phishing, credential abuse, malware, persistence)
Experience working with, in a security operations context:
  SIEM platforms (Splunk, Panther, Sentinel, QRadar, etc.)
  EDR/XDR tools
  Cloud platforms (AWS, Azure, GCP)
Strong written and verbal English communication skills