Job Closed

This listing is no longer active.

Kora logo
Kora

Payment Infrastructure! Plug and play solution for businesses to launch a tailored payment experience to their customers

Security Operations Center, (SOC) Analyst

Location

Nigeria

Posted

69 days ago

Salary

0

Seniority

Mid Level

No structured requirement data.

Job Description

Security Operations Center, (SOC) Analyst

Kora

Role Description As a SOC Analyst, you will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats and incidents within the organization. This role plays a critical part in maintaining the organization’s security posture by leveraging security tools, threat intelligence, and established processes to identify and mitigate risks in real time. - Monitor security events and alerts from SIEM, EDR, IDS/IPS, firewalls, and cloud security tools - Analyze logs and alerts to identify potential security incidents or anomalies - Perform initial triage to determine severity, impact, and scope of threats - Escalate validated incidents based on defined procedures - Investigate and respond to security incidents (e.g., phishing, malware, unauthorized access) - Contain and remediate threats in collaboration with IT, Engineering and security teams - Document incidents, actions taken, and lessons learned - Support post-incident reviews and root cause analysis - Leverage threat intelligence feeds to identify emerging threats and indicators of compromise (IOCs) - Conduct proactive threat hunting activities to detect hidden threats - Update detection rules and use cases based on the evolving threat landscape - Support vulnerability management activities (scan review, prioritization, remediation tracking) - Assist in patch validation and security control effectiveness testing - Collaborate with engineering teams to improve security controls and detection capabilities - Maintain accurate incident logs and case management records - Prepare daily/weekly SOC reports and dashboards - Develop and update incident response playbooks and runbooks - Other duties as assigned by the CISO Qualifications - 2–4 years of experience in a SOC, cybersecurity, or IT security role - Minimum of a Bachelor’s degree certificate - Hands-on experience with security tools such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, Defender), and firewalls - Understanding of network protocols, operating systems, and common attack vectors - Familiarity with incident response processes and frameworks - Knowledge of frameworks such as MITRE ATT&CK, NIST, or ISO 27001 - Scripting or automation skills (Python, PowerShell, Bash) is preferred - Good communication & interpersonal skills - Positive attitude - Ability to handle stress appropriately and interact well with others Key Skills - Strong analytical and investigative mindset - Ability to work under pressure in a fast-paced, 24/7 environment - Attention to detail and critical thinking skills - Effective communication and incident documentation skills - Team collaboration and cross-functional coordination - Continuous learning mindset to stay ahead of evolving threats Benefits - Health insurance - Sponsored and tailored training - Paid parental leave - Paid time-off - Flexible work style - Low-interest loans - Group Life Insurance - Access to up to four therapy sessions monthly - Day off on your birthday 🎂 🎁 🎉 - Employee interest groups that provide supportive communities within Kora - Great company culture and the opportunity to work with a highly collaborative team building something great! Equal Opportunity Employer Kora is an equal-opportunity employer dedicated to building an inclusive and diverse workforce. All employment decisions are based on qualifications, experience, and business needs. We strongly encourage applications from underrepresented communities and diverse ethnic groups to apply. Please feel free to inform us if you need any accommodations to facilitate your participation in the recruitment process. Any details you share will be used solely to ensure we can support and accommodate your needs appropriately.

Related Categories

Related Job Pages

More Security Operations Jobs

Full TimeRemoteTeam 11-50

Role Description The Engineering & Operations Lead, Information Security will be responsible for driving the design, implementation, optimization, and operational management of Qore’s cybersecurity engineering and security operations capabilities. The role requires deep expertise in cybersecurity engineering, security operations, threat detection and response, infrastructure security, cloud security, and operational resilience within highly regulated financial environments. The successful candidate will lead security engineering initiatives that protect enterprise systems, cloud environments, customer platforms, APIs, data assets, and operational infrastructure against evolving cyber threats while ensuring compliance with regulatory and industry security standards. Reporting directly to the Group Head, Information Security, the incumbent will collaborate closely with Engineering, DevOps, Infrastructure, Product, Risk, Compliance, and Executive Leadership teams to build and sustain a world-class security operations environment. Responsibilities - Cybersecurity Engineering - Lead the design, implementation, and continuous improvement of enterprise cybersecurity architecture and engineering controls. - Develop and manage security technologies across cloud, network, endpoint, application, and infrastructure environments. - Drive secure-by-design principles across enterprise platforms and engineering workflows. - Implement and optimize security tooling including SIEM, SOAR, EDR/XDR, IAM, DLP, vulnerability management, WAF, and cloud security platforms. - Support secure API infrastructure and fintech platform security initiatives. - Security Operations & Incident Response - Lead day-to-day security operations monitoring, detection, investigation, and incident response activities. - Develop and maintain operational security playbooks, escalation procedures, and response frameworks. - Coordinate response to cybersecurity incidents, threats, vulnerabilities, and operational security events. - Oversee threat intelligence integration, threat hunting, and proactive security monitoring capabilities. - Ensure continuous monitoring and rapid remediation of security vulnerabilities and operational risks. - Infrastructure & Cloud Security - Strengthen security controls across hybrid and cloud-native infrastructure environments. - Collaborate with DevOps and Infrastructure teams to implement secure cloud architectures and CI/CD security practices. - Ensure hardening of systems, servers, databases, APIs, and enterprise infrastructure. - Drive implementation of Zero Trust, identity security, and privileged access management initiatives. - Governance, Risk & Compliance Support - Support compliance with financial services regulatory requirements, security frameworks, and industry standards including: ISO 27001, PCI DSS, SOC 2, NDPR/GDPR, and Cloud security standards. - Participate in audits, assessments, penetration testing, and remediation initiatives. - Maintain security documentation, operational procedures, and technical standards. - Operational Excellence - Collaborate cross-functionally to align security engineering & operations with business and operational objectives. - Ensure strict adherence to operational KPIs, security metrics, dashboards, and reporting mechanisms. - Drive continuous improvement across security operations, tooling, automation, and engineering maturity. Qualifications - BSc in Computer Science, Cybersecurity, Information Technology, Engineering, Information Systems, or related technical disciplines from an accredited and reputable tertiary institution. - One or more of the following certifications will be highly advantageous: CISSP, CISM, CEH, GIAC, CompTIA Security+, CCSP, Azure Security Engineer, AWS Security Specialty, Cisco Security Certifications. - Minimum of 3 years’ experience in Cybersecurity Engineering, Security Operations, Security Architecture, Infrastructure Security, Cloud Security, or a similar field, preferably in the Fintech, Banking, or other related Financial Services or Technology industry. - Strong experience within fintech, banking, payments, SaaS, or highly regulated enterprise environments. - Hands-on experience managing enterprise security technologies and operational security platforms. - Proven experience handling complex cybersecurity incidents and operational risk management. - Experience supporting cloud-native and API-driven technology environments is strongly preferred. - Strong understanding of SIEM/SOC Operations, Threat Detection and Response, Cloud Security Architectures, Network Security, Endpoint Protection, IAM/PAM, Vulnerability Management, API Security, Security Automation & Orchestration, and Secure DevSecOps practices. - Familiarity with AWS, Azure, Kubernetes, container security, and modern cloud infrastructure. - Strong analytical, troubleshooting, and problem-solving capabilities with the ability to communicate technical risks to executive and non-technical stakeholders. - Highly proactive with strong operational discipline, with strong leadership and stakeholder management capabilities. - Calm and decisive under pressure during incident response situations with a passion for cybersecurity innovation and operational excellence. - Detail-oriented with a strong sense of accountability and ownership, with the ability to thrive in fast-paced, high-growth fintech environments. - Experience with web security, application security, and strong blue team security experience is essential. Benefits - Very Competitive & Rewarding Pay - Flexible work option (i.e., Remote) - Paid Lunch for onsite work - Lifelong Learnings

Laos
IFS logo

Lead SOC Analyst

IFS

Be your best when it really matters. At the #MomentOfService

Full TimeRemoteTeam 5,001-10,000Since 1983H1B Sponsor

• Act as the technical lead and primary escalation point for Security Operations and Vulnerability Management. • Provide mentorship and guidance to intermediate analysts, supporting capability development and operational consistency. • Drive team maturity, process standardization, and operational excellence across detection, response, and remediation functions. • Lead complex investigations across AWS & Azure environments, identity systems, endpoints, and SaaS infrastructure. • Oversee incident response activities including containment, remediation, and post-incident analysis. • Lead the end-to-end vulnerability management lifecycle including identification, prioritization, tracking, remediation, and validation. • Collaborate closely with Security Architecture, R&D, CloudOps, IT, and Platform teams.

Canada
$95K - $125K / year
Job Closed
Coretek logo

SOC Analyst, Level 1

Coretek

Coretek is the #1 Microsoft Azure Partner in the U.S. and an Azure Expert Managed Service Provider.

Full TimeRemoteTeam 51-200H1B Sponsor

• Monitor alerts from SIEM, firewalls, IDS/IPS, and other systems to spot incidents • Triage alerts by severity, impact, and urgency using set criteria • Collect initial alert details like source, target, timestamp, and logs • Use playbooks and SOPs for preliminary analysis to check for false positives or escalation needs • Perform containment actions per playbooks, such as blocking IPs or isolating systems • Verify remediation effectiveness and document actions with timestamps • Collaborate with teams to solve blockers innovatively • Escalate advanced incidents based on severity, impact, or complexity thresholds • Provide detailed logs, analysis, and context for smooth handoff to Level 2 • Notify Level 2 or response teams quickly, noting urgency and risks • Document incidents accurately per SOC standards, including alerts and outcomes • Keep records organized, timestamped, and accessible for audits • Update supervisors and Level 2 on status, key findings, and actions needed

United States
Job Closed
Blackbaud logo

Manager, Defensive Cyber SecOps

Blackbaud

Blackbaud is a large, private company founded in 1981 to provide technology solutions to nonprofit organizations. The company helps its clients with fundraising

Role Description We’re hiring a Manager, Defensive Cyber Operations to mature, scale, and continuously iterate our agentic SOC. This is a hands-on player/coach role: you will lead a small team of engineers and analysts while personally owning critical technical outcomes across detection engineering, SOAR automation, breach and attack simulation, and insider threat. This role is ideal for a technical leader who improves existing systems, writes production‑quality detection and automation, leads investigations, and raises the operational bar through disciplined iteration. What you’ll do - Lead and develop a small defensive operations team. - Manage, mentor, and grow a small team of security engineers and analysts focused on detection, response, and automation. - Act as the primary technical escalation point for high‑severity incidents; lead investigations and response decision‑making. - Set and reinforce quality standards for investigations, detections, automation, documentation, and on‑call readiness. - Mature and iterate on an agentic SOC. - Evolve and refine agentic SOC workflows that improve triage speed, consistency, and decision quality through automated enrichment, correlation, and recommended or automated response actions. - Iterate on existing SOC workflows, converting repeatable analyst effort into safe, reliable automation with clear guardrails, validation, and auditability. - Define and track operational metrics such as detection coverage, alert fidelity, automation success rates, and MTTD/MTTR improvements. - Own detection engineering outcomes end‑to‑end: alert logic, correlation rules, anomaly thresholds, tuning, and continuous improvement. - Mature a detection‑as‑engineering operating model, including requirements, testing, rollout, post‑deployment measurement, and documentation. - Design, iterate on, and maintain SOAR playbooks for alert enrichment, containment, remediation, and case management. - Enhance custom automation, integrations, and enrichment logic to reduce manual analyst effort and improve response consistency. - Ensure automation remains resilient, production‑grade, well‑documented, and operationally safe at scale. - Mature an existing breach & attack simulation capability to continuously validate detection and response effectiveness. - Translate BAS findings into prioritized detection, automation, and response improvements on a repeatable cadence. - Advance insider threat detection and response capabilities, including use‑case refinement, signal quality, investigation workflows, and playbooks. - Balance speed, precision, and appropriate controls while improving investigative consistency. Qualifications - 5+ years experience leading security operations, detection engineering, incident response, and/or security engineering teams, with direct ownership of operational outcomes. - Strong hands‑on background in intrusion analysis using SIEM/log analytics, packet captures, and investigation tooling. - Proven experience maturing SOAR automation and/or custom tooling to drive repeatable response actions. - Strong detection engineering fundamentals, including alert fidelity, correlation, and continuous tuning. - Experience operating in cloud‑first environments, with hands‑on security detection or response exposure in AWS and Azure. - Comfort operating as both technical leader and people manager in on‑call, real‑time security environments. Preferred qualifications - Experience iterating on AI‑assisted or agentic SOC workflows with measurable operational impact. - Strong scripting experience (e.g., Python) for automation, integrations, and enrichment logic. - Experience with breach and attack simulation, purple team exercises, or continuous control validation programs. - Detection and response experience across AWS and Azure, including cloud-native logs, identity signals, and workload telemetry. - Working knowledge of adversary tradecraft and defensive frameworks (e.g., MITRE ATT&CK, NIST‑aligned approaches). - Security+, CEH, GSEC, CISSP, GCIA, GCIH, GSOC (Equivalent or comparable security engineering, detection, or incident response certifications are welcome.) Benefits - Medical, dental, and vision insurance. - Remote-flexible workforce. - Wellness Programs. - 401(k) program with employer match. - Flexible paid time off. - Generous Parental Leave. - Donations for Doers. - Pet insurance, legal and identity protection. - Tuition reimbursement program.

United States
$117.2K - $157.5K / year
Job Closed