Senior SOC Analyst
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Deriv is hiring a Senior SOC Analyst to proactively hunt threats, build detections, and own incident response end-to-end. The role requires deep expertise in EDR, cloud security, and malware analysis, with a focus on autonomous security operations and AI agent security.
Key Skills for This Role
Responsibilities
- Hunt proactively across infrastructure, cloud, identity, and endpoint, working from hypotheses
- Build, tune, and maintain detections mapped to real attacker TTPs (MITRE ATT&CK)
- Own incidents end to end: triage, containment, root cause, and a report that leads to an actual fix
- Push back on any tuning decision, exclusion, or 'known good' assumption that trades visibility for noise reduction
- Partner with Red Team on purple team exercises, turning every finding into a detection
- Extend detection and monitoring coverage into our AI agent stack: prompt injection, tool misuse, credential exposure in agent workflows
- Do enough malware analysis and reverse engineering to actually understand what you're looking at
- Mentor junior analysts and raise the bar on what 'triaged' actually means
Requirements
- 6+ years in a SOC, threat hunting, or DFIR role, with real incident ownership
- GCFA, GCIH, GCIA, or equivalent DFIR/detection engineering credential strongly preferred
- Real depth in at least three of: EDR internals and endpoint telemetry, cloud security monitoring (AWS/GCP), network forensics, malware analysis, SIEM and detection as code, identity threat hunting
- Comfortable writing your own detection logic and tooling in Python or a proper query language
- You think like an attacker when you write a detection
- You know the difference between reducing noise and creating a blind spot
- You can write a report that gets fixed, not filed
Full Job Posting
Why This Matters
- Deriv's mission is Trading for Anyone, Anywhere, Anytime. Millions of traders across the globe, around the clock, across regulatory environments.
- Our Security Operations team is protecting a living, distributed system that processes transactions 24/7.
What You’ll Do
- Hunt proactively across infrastructure, cloud, identity, and endpoint, working from hypotheses, not just waiting on alerts
- Build, tune, and maintain detections mapped to real attacker TTPs (MITRE ATT&CK), not whatever ships default from the vendor
- Own incidents end to end: triage, containment, root cause, and a report that leads to an actual fix
- Push back on any tuning decision, exclusion, or 'known good' assumption that trades visibility for noise reduction, and catch it before it ships
- Partner with Red Team on purple team exercises, turning every finding into a detection
- Extend detection and monitoring coverage into our AI agent stack: prompt injection, tool misuse, credential exposure in agent workflows
- Do enough malware analysis and reverse engineering to actually understand what you're looking at, not just what a sandbox report says
- Mentor junior analysts and raise the bar on what 'triaged' actually means
Who You Are
- 6+ years in a SOC, threat hunting, or DFIR role, with real incident ownership, not just alert queue work
- GCFA, GCIH, GCIA, or equivalent DFIR/detection engineering credential strongly preferred
- Real depth in at least three of: EDR internals and endpoint telemetry, cloud security monitoring (AWS/GCP), network forensics, malware analysis, SIEM and detection as code, identity threat hunting
- Comfortable writing your own detection logic and tooling in Python or a proper query language, not copy pasting from a vendor blog
- You think like an attacker when you write a detection, because that's the only way to catch one
- You know the difference between reducing noise and creating a blind spot, and you've caught that mistake before it cost someone
- You can write a report that gets fixed, not filed
The Honest Reality
- You'll sit inside a Security & AI Engineering org that treats detection and response as a real discipline, not a compliance checkbox.
- You'll work across Dubai and Malaysia with a team that runs actual incident response, not tabletop exercises with fake scenarios.
- You'll have a direct line from catching something to it getting closed for good, and room to build the hunts and detections that shape how we defend the AI agents everyone else is still figuring out how to even think about.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Deriv
Senior Regulatory Compliance Executive
Dubai, UAE
Deriv seeks a Senior Regulatory Compliance Executive to manage compliance for entities in investment services, banking, and virtual assets. You will conduct compliance monitoring, gap analyses, manage licensing with CMA
Senior Offensive Security Engineer
Dubai, UAE
Deriv is hiring a Red Team Lead/Operator to lead offensive security operations across infrastructure, applications, cloud, and people. The role involves full-kill-chain red team engagements, social engineering, cloud and
Senior Data Analyst
Dubai, UAE
Deriv is hiring a Senior Data Analyst to transform complex datasets into actionable insights, shape products, and drive business growth. The role requires 5+ years of experience, strong SQL and Python/R skills, and exper
Senior Account Executive
Dubai, UAE
Deriv is looking for an early-career finance professional to join its Trading Finance team in Dubai. You will prepare journal entries, reconciliations, support month-end close, and work with regulated entities. This role
Senior Specialist - Taxation
Dubai, UAE
Deriv is seeking a Senior Tax Specialist to own multi-jurisdiction tax compliance, tax accounting, transfer pricing, and automation. Requires 12-15 years tax experience with strong foundation in corporate income tax acro
Senior Data Engineer
Dubai, UAE
Deriv is looking for a Senior Data Engineer to build reliable data infrastructure powering trading decisions, product analytics, compliance, and AI/ML systems. You will own data accuracy end-to-end, design governed pipel
IT Operations Engineer
Dubai, UAE
Deriv is looking for an IT Operations Engineer to maintain and automate IT infrastructure across global offices. The role involves managing endpoints, networking, and automation, with opportunities to grow into security,
Senior Regulatory Compliance Manager – Crypto Exchange & Virtual Assets
Dubai, UAE
As the Senior Regulatory Compliance Manager at Deriv’s crypto exchange and virtual asset business, you will play a critical role in ensuring adherence to global regulatory frameworks governing digital assets. You will de
Senior Regulatory Compliance Executive
Dubai, UAE
Senior Offensive Security Engineer
Dubai, UAE
Senior Data Analyst
Dubai, UAE
Senior Account Executive
Dubai, UAE
Senior Specialist - Taxation
Dubai, UAE
Senior Data Engineer
Dubai, UAE
IT Operations Engineer
Dubai, UAE
Senior Regulatory Compliance Manager – Crypto Exchange & Virtual Assets
Dubai, UAE