Senior SOC Analyst – Security Operations (SecOps)

Context

We are supporting a fast-growing tech company operating at scale, with strong security and reliability requirements.

The Security Operations team is responsible for maintaining the security posture of the platform, with a strong focus on monitoring, alert triage, and incident response in a cloud-native environment.

The goal of this role is to take ownership of day-to-day security operations, allowing the rest of the team to focus on more complex engineering and security initiatives.

This is a hands-on, operational role, requiring strong execution and the ability to quickly understand context and systems.

Mission

The consultant will join the Security Operations team and focus on run activities and SOC operations.

Security Monitoring & Alert Triage

• Monitor security tools and dashboards to detect suspicious activity

• Triage alerts from SIEM (Google SecOps), EDR, and internal systems

• Investigate alerts using existing runbooks and playbooks

• Escalate issues to the appropriate teams when needed

• Improve alert quality (reduce noise, fix misconfigurations)

Incident Response

• Handle and prioritize security incidents based on severity and business impact

• Perform initial investigations and root cause analysis

• Coordinate with engineering and infrastructure teams for resolution

• Document incidents and actions clearly

Vulnerability Triage

• Analyze outputs from vulnerability scanning tools

• Assess severity and business impact of vulnerabilities

• Follow up with relevant teams to ensure remediation

Security Operations Support

• Act as a “security point of contact” during working hours

• Respond to internal requests (Slack, tickets, alerts)

• Route topics to the right stakeholders when needed

• Contribute to maintaining clear and usable documentation

Tech Environment

• Cloud: GCP (primary), AWS

• Security: Google SecOps (SIEM), Wiz, Adaptive Shield, Trufflehog

• Infrastructure: Kubernetes, Terraform

• Observability: Datadog

• Identity & Access: Okta

• Edge Security: Cloudflare, Zscaler

• DevOps: GitHub, CircleCI

• Collaboration: Jira, Confluence

Profile

• Strong experience in SOC / Security Operations (L2 / L3 level)

• Hands-on experience with SIEM tools (Google SecOps is a strong plus)

• Solid experience in alert triage and incident response

• Experience working with runbooks and operational processes

• Ability to quickly understand context and navigate complex environments

• Comfortable working in high-paced, scale-up environments

• Good understanding of cloud environments (GCP or AWS)

• Strong communication skills and ability to coordinate across teams

• Fluent English required

Nice to Have

• Experience with vulnerability management tools

• Familiarity with MITRE ATT&CK

• Previous experience in high-growth / international environments