Senior Cyber Security Operations Analyst

Senior Cyber Security Operations Analyst At ASW, we believe in our people, in teamwork and the importance of your personal growth. If you are looking for the opportunity to join our award‑winning international family with over 17,000 stores across 31 markets in Asia and Europe, the ASW family welcomes you… Benefits Convenient office location, less than 5 min. walk from MTR Free round‑trip lunchtime shuttle bus services to Shatin Comprehensive Medical and Life insurance coverage, including your spouse and children Well‑equipped Gym inside our office building Onsite Clinic and Lactation Room Role Purpose The primary responsibility of the SOC L3 role is to support Group IT Security with activities related to the Security Operations Centre. This position oversees daily SOC operations, including supervising L1/L2 analysts, leading and organizing investigations, and providing expert advice on escalated security events. The individual must coordinate fully with various teams on detected and escalated security events, ensuring proper follow‑up until resolution. Additionally, this role acts as the management point of contact for any incident, initiating actions in response to incidents. Typical Day SOC Detection and Response Lead the security monitoring, advanced investigation, and remediation. Review all pending cases within and outside the team, ensuring they are handled and communicated to the involved team. Act as a point of escalation from SOC L1/L2 for detected security events within and outside the team, ensuring response in a timely manner. Provide quality assurance – review the work of SOC analysts (triage and analysis, tickets and email response, events suppression and whitelisting, remediation). Conduct basic forensic investigation and malware analysis utilizing our available tools. Work with the BU IT and Infra Team on the agreed action items. Daily Operations Ensure that the daily checklist and e-mails from various mailboxes are handled by assigned analyst. Perform advanced threat hunting, create custom detection rules and add/remove IOC/IOA when necessary. Review and authorise the change request submitted by SOC L2 and SOC Engineering Team. Execute the change based on the agreed RACI. Manage SOC ticketing tools, dashboards, and generate required reports. Lead the creation of technical procedures, handling guidelines and playbooks. Security Projects & Deployments Participate on the Use Case Development supported by the SIEM and security tools. Coordinate and enhance all SIEM components. Make modifications as assigned. Lead the integration, deployment, and various testing. Support onboarding for new Business Units or Operating Companies and offer expert advice when required. Fit for You EVALUATOR – You analyze information and ideas from both within and outside the team and study their feasibility in terms of the team’s objectives. CONNECTOR – You forge deep relationships beyond networking or teamwork. You find ways to avoid confrontation by employing skillful collaboration. TEAM PLAYER – Your focus is on the relationships within the team. You are optimistic, energetic, and feel energized when working with others. COLLABORATOR – You explore outside resources and develop contacts that may be helpful to the team. You are high energy and outgoing. Success will depend on Academic background in Computer Science, Engineering, or related field; GIAC Cyber Security Cert or CISSP is a strong plus. Experience with multinational firms and leadership across diverse background is preferred. Extensive experience working with Microsoft Sentinel and Defender XDR Platform within a SOC environment, with a strong emphasis on incident management, threat hunting, and advanced query development. Strong problem‑solving skills and quick learner. Effective liaison, teamwork, and commitment. Excellent interpersonal and communication skills. Proficient in spoken Cantonese and written English; Mandarin is a strong asset. Experience with ITSM tools. Candidates with more experience would be considered as SOC Lead. What is holding you back? Don’t miss out on this great chance to shape Your life Apply now We are an equal opportunity employer and welcome applications from all qualified candidates. The information provided will be treated in strict confidence and be used only for consideration of your application for relevant / similar posts within the AS Watson Group. Applicants not hearing from us within 6 weeks from the date of advertisement may consider their applications unsuccessful. All personal data of unsuccessful applicants will be destroyed within 12 months from the date of application. #J-18808-Ljbffr