CIS SOC Analyst (L1L3)

Tsukuba - Japan

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way youd like where youll be supported and inspired bya collaborative community of colleagues around the world and where youll be able to reimagine whats possible. Join us and help the worlds leading organizationsunlock the value of technology and build a more sustainable more inclusive world.

Job Description

SOC Analyst (L1L3)

Responsibilities:

Operations & Monitoring

Oversee daily SOC operations including threat monitoring alert triage incident investigation and response coordination.
Ensure that security incidents are detected analyzed prioritized contained and remediated efficiently.
Maintain operational awareness of active incidents emerging threats and vulnerabilities.
Ensure alignment of SOC processes with organizational policies SLAs and compliance requirements.

Technology & Process Optimization

Manage and optimize SOC tools and technologies including SIEM SOAR EDR/XDR NDR and threat intelligence platforms.
Drive integration and automation initiatives to improve detection efficiency and reduce analyst fatigue.
Collaborate with security engineering teams to fine-tune correlation rules detection logic and data ingestion pipelines.
Develop and maintain incident response playbooks escalation procedures and reporting templates.

Threat Management & Response

Coordinate with the Incident Response Threat Hunting and Threat Intelligence teams for proactive defence and rapid incident containment.
Review major incidents lead post-incident reviews (PIRs) and ensure lessons learned are applied.
Maintain strong situational awareness of the global threat landscape and adjust detection strategies accordingly.
Governance Reporting & Continuous Improvement
Report on SOC performance incident trends and metrics to executive leadership (CISO CIO Risk teams).
Develop SOC policies standard operating procedures (SOPs) and compliance documentation.
Drive maturity improvements based on frameworks such as NIST CSF MITRE ATT&CK and ISO 27001.
Evaluate new technologies and best practices to enhance SOC capabilities and scalability.

Requirements:

From 3 to up to 10 years of experience in cybersecurity operations with hand-on experience in SIEM/SOAR EDR and TI platforms.
Good to have certifications like CISSP CISA CEH ISO27001 (Implementation).

Good to have technical skills:

Understanding of network security endpoint protection cloud security and threat detection technologies.
Expertise in SIEM platforms (e.g. Splunk Azure Sentinel CrowdStrike ELK LogRhythm) and SOAR tools (e.g. Cortex XSOAR Splunk Phantom).
Familiarity with EDR/XDR tools (CrowdStrike Defender Sentinel One) and threat intelligence integration.
Knowledge of adversary tactics and frameworks such as MITRE ATT&CK Cyber Kill Chain and Diamond Model.
Understanding of cloud and hybrid environments (AWS Azure GCP) from a detection and response perspective.

Preferred Certifications:

Certified SOC Analyst (CSA)
GIAC Certified Incident Handler (GCIH)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
GIAC Security Operations Manager (GSOM) or GIAC Cyber Threat Intelligence (GCTI)
CompTIA CySA / CASP

Capgemini is an AI-powered global business and technology transformation partner delivering tangible business value. We imagine the future of organizations and make it real with AI technology and people. With our strong heritage of nearly 60 years we are a responsible and diverse group of 420000 team members in more than 50 countries. We deliver end-to-end services and solutions with our deep industry expertise and strong partner ecosystem leveraging our capabilities across strategy technology design engineering and business operations. The Group reported 2024 global revenues of 22.1 billion.
Make it real

Required Experience:

Job Description

SOC Analyst (L1L3)

Responsibilities:

Operations & Monitoring

Oversee daily SOC operations including threat monitoring alert triage incident investigation and response coordination.
Ensure that security incidents are detected analyzed prioritized contained and remediated efficiently.
Maintain operational awareness of active incidents emerging threats and vulnerabilities.
Ensure alignment of SOC processes with organizational policies SLAs and compliance requirements.

Technology & Process Optimization

Manage and optimize SOC tools and technologies including SIEM SOAR EDR/XDR NDR and threat intelligence platforms.
Drive integration and automation initiatives to improve detection efficiency and reduce analyst fatigue.
Collaborate with security engineering teams to fine-tune correlation rules detection logic and data ingestion pipelines.
Develop and maintain incident response playbooks escalation procedures and reporting templates.

Threat Management & Response

Coordinate with the Incident Response Threat Hunting and Threat Intelligence teams for proactive defence and rapid incident containment.
Review major incidents lead post-incident reviews (PIRs) and ensure lessons learned are applied.
Maintain strong situational awareness of the global threat landscape and adjust detection strategies accordingly.
Governance Reporting & Continuous Improvement
Report on SOC performance incident trends and metrics to executive leadership (CISO CIO Risk teams).
Develop SOC policies standard operating procedures (SOPs) and compliance documentation.
Drive maturity improvements based on frameworks such as NIST CSF MITRE ATT&CK and ISO 27001.
Evaluate new technologies and best practices to enhance SOC capabilities and scalability.

Requirements:

From 3 to up to 10 years of experience in cybersecurity operations with hand-on experience in SIEM/SOAR EDR and TI platforms.
Good to have certifications like CISSP CISA CEH ISO27001 (Implementation).

Good to have technical skills:

Understanding of network security endpoint protection cloud security and threat detection technologies.
Expertise in SIEM platforms (e.g. Splunk Azure Sentinel CrowdStrike ELK LogRhythm) and SOAR tools (e.g. Cortex XSOAR Splunk Phantom).
Familiarity with EDR/XDR tools (CrowdStrike Defender Sentinel One) and threat intelligence integration.
Knowledge of adversary tactics and frameworks such as MITRE ATT&CK Cyber Kill Chain and Diamond Model.
Understanding of cloud and hybrid environments (AWS Azure GCP) from a detection and response perspective.

Preferred Certifications:

Certified SOC Analyst (CSA)
GIAC Certified Incident Handler (GCIH)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
GIAC Security Operations Manager (GSOM) or GIAC Cyber Threat Intelligence (GCTI)
CompTIA CySA / CASP

Required Experience:

Key Skills

Computer Science
Cobol
Active Directory
Information Technology
Data Collection
C++
Information Security
JavaScript
Technical Expertise
Troubleshoot
PC
Management System
Setup
hardware
Dns

Apply Now

About Company

Capgemini

A global leader in consulting, technology services and digital transformation, we offer an array of integrated services combining technology with deep sector expertise.

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click