Senior SOC Analyst

About Arcanys Arcanys launched in 2010 to help entrepreneurs and innovators from Australia, Europe and other parts of the globe accelerate their software development with dedicated remote engineers from the Philippines. Why work with us? There’s a unique spirit to Arcanys—manifested in our amazing talents, passion for technology, and a strong focus on everyone’s career and personal development. As a company rooted in people, we make a point to offer exciting work opportunities and foster a culture that everyone can meaningfully contribute to. Join us as a: Senior SOC Analyst

In this role you’ll get to:

Detect, investigate, and respond to security incidents across on-premises, cloud, and hybrid environments Analyze and correlate data from SIEM, EDR, IDS/IPS, and Threat Intelligence Platforms to identify threats Conduct digital forensics on Windows and Linux endpoints, including event logs, registry, scheduled tasks, processes, and system artifacts Investigate Active Directory and identity-based attacks, including credential theft, lateral movement, and persistence techniques Hunt for threats using MITRE ATT&CK, Cyber Kill Chain, and NIST CSF frameworks Develop and tune detection rules using query languages such as KQL, SPL, CQL, and Yara-L Analyze cloud environments (Azure/M365, AWS, GCP) for misconfigurations, suspicious activity, and identity-related attacks Identify and respond to malware, phishing, insider threats, supply chain attacks, and zero-day exploits Lead incident response, including containment, eradication, recovery, and timeline correlation Mentor junior analysts and assist in maintaining SOC playbooks, procedures, and detection engineering practices

What you’ll need to succeed:

5+ years of experience in SOC, threat hunting, or incident response roles Strong knowledge of core cybersecurity principles, including CIA Triad, risk assessment, and incident response frameworks (PICERL/NIST IR) Proficiency with SIEM platforms (Splunk, Microsoft Sentinel, Chronicle, Sumo Logic) and EDR solutions (CrowdStrike, Defender, SentinelOne) Experience with network protocols (DNS, HTTP/S, SMTP, SMB, LDAP, TLS/SSL), ports, and network security fundamentals Strong Windows and Linux administration and forensics skills, including command line, event logs, Sysmon, cron jobs, and systemd services Knowledge of Active Directory architecture, authentication protocols, and credential-based attacks Familiarity with persistence mechanisms, lateral movement techniques, and post-exploitation tactics Understanding of cloud security for Azure/M365, AWS, and GCP, including IAM, audit logs, and security monitoring Ability to write clear documentation, incident reports, and communicate with technical and non-technical stakeholders

It’s Great if you have:

Advanced knowledge of Kerberos attacks, ADCS exploitation, token manipulation, and APT tradecraft Experience with automation or scripting using Python or PowerShell for SOC tasks Exposure to Red Team tools and techniques, including C2 frameworks and in-memory execution methods Knowledge of container and serverless security (Docker, Kubernetes, Lambda, Cloud Functions) Relevant certifications such as GCFA, GCFE, GCFR, or cloud security certifications (Azure, AWS, GCP)

The Perks:

We like to make sure the talent is well taken care of, and here are just some of the benefits you will enjoy:

• Top compensation based on expertise – we are only looking for top talent and pay accordingly.
• Long-term work from home + allowances - we let you work from the comfort of your home + amazing allowances you get to enjoy!
• Reimbursable allowance of up to 15K for your home office setup
• Standard 5 day work week from Monday to Friday.
• Flexible working schedule. You can choose your working hours (within reason).
• Flat management style and open-door policy - no micromanagement and your voice is being heard!
• Work with the latest technologies - you can hone your skills and work with Australian and European clients + a chance to earn more through our self-training program.
• Enrolment to HMO for a maximum of 3 immediate dependents on your 1st day.
• Incentive-based wellness program.
• Toastmasters, English classes, and other learning opportunities.

Free consultations with Arcanys registered nutritionist-dietitians. Free access to our very own Arcanys CrossFit gym (or get a company-sponsored membership in a different gym, whichever suits your needs best).