About the role:
Sitecore is looking for a dedicated and detail-oriented Senior / Lead Security Analyst with strong knowledge of Security Operations Center (SOC) functions to support our global cybersecurity operations. Based in Sri Lanka and working in the U.S. time zone, the Security Analyst will play a critical role in daily SOC activities, including incident triage, investigation, escalation, and reporting.
This position will support our 24x7x365 SOC operations and will involve rotational weekend coverage. The ideal candidate has experience working with SIEM platforms like Microsoft Sentinel, has collaborated with Managed Security Service Providers (MSSPs), and has a strong understanding of threat detection and incident response processes.
Key Responsibilities
SOC Operations & Incident Management
- Monitor and respond to alerts generated by SIEM and other security platforms in real time.
- Triage and investigate potential security incidents, escalating as needed per incident response procedures.
- Collaborate with the MSSP to ensure timely and accurate incident detection, analysis, and response.
- Document and track incidents from detection through resolution, including post-incident analysis and reporting.
- Develop and deploy automated security playbooks to improve incident response efficiency.
Threat Detection & Reporting
- Analyze log data and threat intelligence to identify patterns and potential indicators of compromise (IOCs).
- Produce clear, concise, and timely reports on incidents, trends, and operational metrics.
- Participate in daily SOC operations meetings and provide updates on ongoing investigations.
- Develop and implement security detection rules and correlation use cases to enhance threat visibility.
- Conduct proactive threat hunting using SIEM and EDR tools to identify potential security incidents.
Collaboration & Escalation
- Work closely with internal teams (IT, Product R&D, GRC) to escalate and resolve security issues.
- Ensure all incidents are properly documented and communicated to stakeholders based on severity.
Tool Management & MSSP Coordination
- Utilize and support SIEM tools like Microsoft Sentinel for detection, correlation, and analysis.
- Work directly with MSSPs to monitor service levels, investigate escalated events, and continuously improve operations.
- Provide feedback and work with the Security Manager to refine SOC processes and improve incident response maturity.
Shift & Weekend Coverage
- Work hours aligned to U.S. Central or Eastern time zones.
- Participate in a rotational weekend schedule to support 24x7x365 SOC coverage.
- Be available for urgent escalations and high-priority incidents during assigned shifts.
- May involve occasional after-hours support for critical security incidents.
Qualifications:
Preferred Skills and Experience:
- 3-5 years of experience in a SOC, incident response, or cybersecurity operations role.
- Hands-on experience with SIEM tools, preferably Microsoft Sentinel.
- Familiarity with working alongside MSSPs in a 24x7 monitoring model.
- Strong understanding of the incident response lifecycle, threat hunting, and alert triage.
- Strong analytical skills for proactive threat detection.
- Hands-on experience in developing and deploying automated security response playbooks.
- Hands-on experience in cloud environments (Azure and AWS).
- Good knowledge of network security, log analysis, and common attack techniques.
- Strong communication skills and ability to write clear incident reports and documentation.
- Security certifications such as CySA, CEH, GCIH, CISSP, or similar are a plus.
- Ability to work independently, manage time across shifts, and prioritize tasks effectively.
Remote Work:
No
Employment Type:
Full-time