Senior Cyber Security Operations Analyst
7 days ago
At ASW, we believe in our people, in teamwork and the importance of your personal growth. If you are looking for the opportunity to join our award-winning international family with over 17,000 stores across 31 markets in Asia and Europe, the ASW family welcomes you…

You can enjoy:
Convenient office location, less than 5 min. walk from MTR
Free round-trip lunchtime shuttle bus services to Shatin
Comprehensive Medical and Life insurance coverage, including your spouse and children
Well-equipped Gym inside our office building
Onsite Clinic and Lactation Room

Role Purpose:
The primary responsibility of the SOC L3 role is to support Group IT Security with activities related to the Security Operations Centre. This position oversees daily SOC operations, including supervising L1/L2 analysts, leading and organizing investigations, and providing expert advice on escalated security events. The individual must coordinate fully with various teams on detected and escalated security events, ensuring proper follow‑up until resolution. Additionally, this role acts as the management point of contact for any incident, initiating actions in response to incidents.

A typical day in this Role:

SOC Detection and Response
Lead the security monitoring, advanced investigation, and remediation.
Review all the pending cases within and outside the team, and ensure that each is being handled and communicated to the involved team.
Act as a point of escalation from SOC L1 / L2 for detected security events within and outside the team.
Ensure various tickets and escalated security issues are handled in a timely manner.
Provide quality assurance (review the work of SOC analysts: triage and analysis, tickets and email response, events suppression and whitelisting, remediation).
Conduct basic forensic investigation and malware analysis utilizing our available tools.
Work with the BU IT and Infra Team on the agreed action items.

Daily Operations
Ensure that the daily checklist and e-mails from various mailboxes are being handled by the assigned analyst.
Perform advanced threat hunting, create custom detection rules, and add or remove IOC/IOA when necessary.
Review and authorise the change requests submitted by the SOC L2 and SOC Engineering Team. Execute the change based on the agreed RACI.
Manage SOC ticketing tools, dashboards, and generate required reports.
Lead the creation of technical procedures, handling guidelines and playbooks.

Security Projects & Deployments
Participate in the Use Case Development supported by the SIEM and security tools.
Coordinate and enhance all SIEM components. Make modifications as assigned.
Lead the integration, deployment, and various testing.
Support onboarding for new Business Units or Operating Companies and offer expert advice when required.

This job is a good fit for You if:
You are an EVALUATOR. You analyze information and ideas both from within and outside the team and study their feasibility in terms of the team’s objectives.
You are a CONNECTOR. You forge deep relationships beyond networking or teamwork. You will find ways to avoid confrontation by employing skillful collaboration.
You are a TEAM PLAYER. Your focus is on the relationships within the team. You are optimistic, energetic and feel energized when working with others.
You are a COLLABORATOR. You explore outside resources and develop contacts that may be helpful to the team. You are high energy and outgoing.

Success will depend on:
Academic background in Computer Science, Engineering, or related field; GIAC Cyber Security Cert or CISSP is a strong plus.
Experience with multinational firms and leadership across diverse backgrounds is preferred.
Extensive experience working with Microsoft Sentinel and Defender XDR Platform within a SOC environment, with a strong emphasis on incident management, threat hunting, and advanced query development.
Strong problem‑solving skills and quick learner.
Effective liaison, teamwork, and commitment.
Excellent interpersonal and communication skills.
Proficient in spoken Cantonese and written English; Mandarin is a strong asset.
Experience with ITSM tools.
Candidates with more experience would be considered as SOC Lead.

What is holding you back? Don’t miss out on this great chance to shape your life. Apply now.

We are an equal opportunity employer and welcome applications from all qualified candidates. The information provided will be treated in strict confidence and be used only for consideration of your application for relevant / similar posts within the AS Watson Group. Applicants not hearing from us within 6 weeks from the date of advertisement may consider their applications unsuccessful. All personal data of unsuccessful applicants will be destroyed within 12 months from the date of application.

Seniority level: Associate
Employment type: Full-time
Job function: Information Technology
Industries: Retail
-
Senior SOC
5 days ago
New Territories, Hong Kong SAR China Deloitte Touche Tohmatsu Full time
A leading professional services firm in Hong Kong seeks a (Senior) Consultant specializing in Cyber Incident Response. This role involves assisting in cyber investigations, establishing incident response frameworks, and collaborating with various teams to deliver comprehensive security solutions. The ideal candidate will hold a relevant degree and possess 3+...
-
(Senior) Consultant
5 days ago
New Territories, Hong Kong SAR China Deloitte Touche Tohmatsu Full time
(Senior) Consultant - SOC/Incident Response - Cyber - Hong Kong
We help clients address various aspects of Cyber and other strategic risks to their organizations to inform risk-based strategic choices, prepare to respond to disruption, assess and manage full-lifecycle enterprise risks, as well as strategize and respond to risks associated with the...
-
Senior Cybersecurity Specialist
7 days ago
New Territories, Hong Kong SAR China ManpowerGroup Greater China Hong Kong and Macau Full time
Good working environment. Excellent Benefit and work environment. 5 days’ work.
Responsibilities: Provide technical support in the design, establishment, operation, and system optimization of the Splunk Security Information and Event Management (SIEM) platform, and to ensure the effective security operations of various security technologies and detection of...
-
Protective Security Operations Manager
5 days ago
New Territories, Hong Kong SAR China HSBC Full time
Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Operations Shared Services (OSS)...
-
New Territories, Hong Kong SAR China ManpowerGroup Greater China Hong Kong and Macau Full time
A leading manpower service provider in Hong Kong is seeking a technical support professional to oversee the Splunk Security Information and Event Management (SIEM) platform operations. The ideal candidate will have a degree in Computer Science and at least 5 years of relevant experience in security log management and Splunk. Responsibilities include system...
-
Engineer - CRYPT Operations
5 days ago
New Territories, Hong Kong SAR China HSBC Full time
Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Our GCIO organisation plays a critical...
-
Senior Network Security Manager
3 days ago
New Territories, Hong Kong SAR China Manpower Services (Hong Kong) Limited Full time
Senior Network Security Manager (Up to $90k)
Responsibilities:
Manage architecture design and network security controls of the platforms and network
Ensure the platform and network security controls are embedded into the
Handle rules and configuration governance, IDS/IPS signatures of web application firewall and API security
Ensure the security logging from...
-
IT Support Engineer
7 days ago
New Territories, Hong Kong SAR China Aacurapid (Hong Kong) Ltd Full time
Lead a team providing 2nd tier IT support
Work closely with internal senior management and IT vendors on all IT related operations and issues
Perform IT systems and applications troubleshooting
Analyze service desk performance data, identifying the training needs on IT trends, improvements etc
Requirements: Higher Diploma or above in Information Technology or...
-
New Territories, Hong Kong SAR China Well Born Real Estate Management Limited Full time
A property management company in Hong Kong seeks a Security Manager to lead operations and ensure customer satisfaction. The ideal candidate will have at least 5 years' experience in security, with 2 years in a management role. Proficiency in English and Chinese is essential. The position offers various benefits including paternity leave, annual leave, and...
-
New Territories, Hong Kong SAR China HSBC Full time
A leading international bank is seeking a Protective Security Operations Manager to oversee security operations in Hong Kong. Responsibilities include managing a team, coordinating incident responses, and maintaining security standards across various assets. The ideal candidate will have extensive operations experience, strong leadership skills, and...