SOC Tier 3 Analyst (GTS - Command Centre)

As Singapore’s longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.

 Today, we’re on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation. But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia’s leading financial services partner for a sustainable future.

 We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career.

Your Opportunity Starts Here.

Why Join
Protecting our customers' assets and data is at the heart of everything we do at OCBC. As a Cyber Engineering - Risk professional, you'll play a critical role in safeguarding our systems and networks from cyber threats. You'll be part of a team that's shaping the future of cybersecurity in the financial industry.
How you succeed
The candidate will be part of the Cyber Security Operations team and will be responsible for threat monitoring, threat response, operational enhancements and operational guidance to SOC analysts. The candidate will also act as a senior escalation point for complex and high-severity cyber threats.
What you do

• Provide guidance to Tier 1 and Tier 2 SOC analysts.

• Assist in managing daily SOC operations.

• Collaborate with other stakeholders to support the overall cyber defence strategy.

• Prioritise tasks appropriately and formulate clear responses or recommendations to stakeholders in a fast-paced environment.

• Lead investigation of cyber security incidents and support coordinated response activities.

• Prepare incident summaries, technical timelines, post-incident reports and lessons-learnt documentation for technical and non-technical audiences.

• Develop repeatable and efficient processes, runbooks and analyst guides to monitor, detect, analyse and remediate potential cyber security incidents.

• Review detection effectiveness, false positives, coverage gaps and recurring alert patterns, and recommend improvements to prevention, detection and response capabilities.

• Support development, validation and finetuning of detection use cases, SOAR playbooks and AI-assisted SOC workflows.

• Optimise usage of SOC tools, including SIEM, SOAR, EDR/XDR and AI-enabled SOC platforms, and evaluate new technologies where required.

• Support threat hunting across security-relevant data sets based on threat intelligence, MITRE ATT&CK techniques, emerging attacker behaviours and identified control gaps.

• Identify opportunities where AI-assisted triage, automation or agentic workflows can safely reduce analyst effort, improve investigation consistency or accelerate response.

• Participate in tabletop exercises, purple team activities, detection reviews, operating reviews and post-incident retrospectives.

• Identify opportunities for SOC improvements, including metrics definition, after-action reviews, playbook enhancements, AI-assisted workflow improvements and analyst capability uplift.

Who you are

• 8 or more years of experience in a SOC environment or related cybersecurity field.

• At least 3 years of experience as a senior SOC analyst, Tier 3 analyst, cyber incident responder, threat hunter, or equivalent escalation role.

• Strong hands-on experience with SOC tools such as SIEM, SOAR, EDR, XDR or UEBA.

• Strong proficiency in SIEM, network traffic, host event, and security event log analysis.

• Strong understanding of Windows, Linux, Active Directory, identity compromise, network protocols, cloud/SaaS logs, endpoint artefacts, and common attacker techniques.

• Experience investigating cyber threats and managing cyber security incidents, including hands-on log analysis and host/network forensic analysis in support of incident response.

• Experience designing, developing, deploying, and finetuning security monitoring use cases based on frameworks such as MITRE ATT&CK.

• Experience developing threat detection content and SIEM/SOAR use cases or playbooks.

• Ability to write clear technical and management-facing reports.

• Ability to prioritise effectively, manage competing operational demands, and make sound escalation decisions.

• Familiarity with AI-assisted security operations, SOC copilots, automated enrichment, agentic workflows or machine-assisted triage is a plus.

• Experience in banking, financial services, critical infrastructure, or highly regulated environments is a plus.

• Relevant certifications such as GCIH, GCIA, GCFA, GNFA, GREM, OSCP or equivalent are preferred.

Who we are
As Singapore's longest established bank, we have been dedicated to enabling individuals and businesses to achieve their aspirations since 1932. How? By taking the time to truly understand people. From there, we provide support, services, solutions, and career paths that meet their individual needs and desires.
Today, we're on a journey of transformation. Leveraging technology and creativity to become a future-ready learning organisation.
But for all that change, our strategic ambition is consistently clear and bold, which is to be Asia's leading financial services partner for a sustainable future.
We invite you to build the bank of the future. Innovate the way we deliver financial services. Work in friendly, supportive teams. Build lasting value in your community. Help people grow their assets, business, and investments. Take your learning as far as you can. Or simply enjoy a vibrant, future-ready career. Your Opportunity Starts Here.

Competitive base salary. A suite of holistic, flexible benefits to suit every lifestyle. Community initiatives. Industry-leading learning and professional development opportunities. Your wellbeing, growth and aspirations are every bit as cared for as the needs of our customers.