Senior NSOC Analyst

hace 2 semanas

Asunción, Asunción, Paraguay Deriv A tiempo completo ₲ 900.000 - ₲ 1.200.000 al año

Key Responsibilities

Threat Monitoring, Detection & Response

Monitor Deriv's corporate and production infrastructure (servers, network, endpoints, applications) and proactively identify abnormal activity and indicators of compromise.
Investigate and lead response efforts on complex incidents such as malware outbreaks, unauthorized access, privilege escalation, or policy violations.
Maintain real-time situational awareness of threats, escalating high-impact incidents to security management and key stakeholders.

Security Incident Management & Documentation

Triage alerts, perform root cause analysis, and drive incident response workflows according to established protocols.
Own the tracking, documentation, and closure of incidents in collaboration with other teams.
Conduct daily NSOC handover briefings, ensuring continuity across shifts and teams.
Deliver security insights, trends, and incident reports to internal stakeholders in a clear and actionable manner.

Process Improvement & Security Readiness

Recommend enhancements to security processes, playbooks, detection rules, and monitoring coverage based on post-incident reviews and threat trend analysis.
Stay current with the latest threat intelligence, attack vectors, and incident response techniques, applying them to improve Deriv's security resilience.

Security Metrics & Reporting

Track and report key security operations metrics (e.g., incident volume, time to detect/respond, false positive rates) to drive accountability and improvement.
Refine detection logic and improve data quality and visibility.

AI & Automation Enhancements

Leverage AI tools to streamline triage of security alerts, reducing noise and enabling faster prioritization of true positives.
Automate execution of common incident response playbooks to ensure consistency, speed, and reduced manual effort.
Enhance documentation workflows using AI to auto-generate incident summaries, timelines, and handover notes for reporting and audit purposes.

Who You Are

5–8 years of experience in a SOC, NSOC, role within an enterprise environment.
Strong working knowledge of cybersecurity principles, attack lifecycles, and network forensics.
Hands-on experience with SIEM platforms, log analysis, and endpoint/network detection tools.
Demonstrated ability to lead incident response efforts and drive containment, eradication, and recovery phases.
Experience collaborating across IT, security, and business teams in a fast-paced, global environment.
Comfortable documenting technical details, writing post-incident reports, and briefing non-technical stakeholders.
Ability to work independently with a proactive, security-first mindset.
Familiarity with ISO 27001, NIST, MITRE ATT&CK, and related frameworks is a plus.
Professional certifications such as CompTIA Security , GCIH, or equivalent are preferred.

What We Offer

A high-impact role in a global fintech environment focused on secure growth and innovation.
Exposure to diverse infrastructure and a front-row seat to enterprise security operations.
Autonomy to drive improvements in incident handling, monitoring, and threat response.
Competitive compensation, benefits, and hybrid working flexibility in Paraguay.
Opportunities to grow into SIEM, security engineering, or leadership tracks within Security Operations.

Why Join Deriv?

Senior Software Business Analyst