{bc}
indeed

Senior SOC Analyst

Deriv.com
Dubai, UAE
Full Time
Senior
Yesterday
SOCThreat HuntingIncident ResponseDFIREDRSIEM
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

SOCThreat HuntingIncident Response
Smart Apply

Full Job Posting

Job Description

  • We're not hiring a security engineer to keep up with threats. We're hiring someone to make threats irrelevant before they become incidents.
  • At Deriv, we're building an autonomous security operations platform that hunts proactively, responds automatically, and learns continuously.
  • Deriv's mission is Trading for Anyone, Anywhere, Anytime. Millions of traders across the globe, around the clock, across regulatory environments.

What You’ll Do

  • Hunt proactively across infrastructure, cloud, identity, and endpoint, working from hypotheses, not just waiting on alerts.
  • Build, tune, and maintain detections mapped to real attacker TTPs (MITRE ATT&CK), not whatever ships default from the vendor.
  • Own incidents end to end: triage, containment, root cause, and a report that leads to an actual fix.
  • Push back on any tuning decision, exclusion, or 'known good' assumption that trades visibility for noise reduction.
  • Partner with Red Team on purple team exercises, turning every finding into a detection.
  • Extend detection and monitoring coverage into our AI agent stack: prompt injection, tool misuse, credential exposure in agent workflows.
  • Do enough malware analysis and reverse engineering to actually understand what you're looking at.
  • Mentor junior analysts and raise the bar on what 'triaged' actually means.

Who You Are

  • 6+ years in a SOC, threat hunting, or DFIR role, with real incident ownership, not just alert queue work.
  • GCFA, GCIH, GCIA, or equivalent DFIR/detection engineering credential strongly preferred.
  • Real depth in at least three of: EDR internals and endpoint telemetry, cloud security monitoring (AWS/GCP), network forensics, malware analysis, SIEM and detection as code, identity threat hunting.
  • Comfortable writing your own detection logic and tooling in Python or a proper query language.
  • You think like an attacker when you write a detection.
  • You know the difference between reducing noise and creating a blind spot.
  • You can write a report that gets fixed, not filed.

The Honest Reality

  • You'll sit inside a Security & AI Engineering org that treats detection and response as a real discipline.
  • You'll work across Dubai and Malaysia with a team that runs actual incident response.
  • You'll have a direct line from catching something to it getting closed for good.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Deriv.com