Senior Security Analyst (SOC) (IGT1 Lanka: CFC)

Colombo, WP, Sri Lanka

IFS


Company Description

About IGT1 Lanka

IGT1 Lanka is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by three of the world’s leading private equity firms: EQT Group, Hg, and TA Associates. We’re also proud to be a sister company of IFS, Sri Lanka’s largest and most established technology company.

At IGT1 Lanka, we partner with global businesses to scale operations, accelerate innovation, and build world-class SaaS platforms through high-quality offshore delivery. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives.

With a team of over 300 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary.

Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives.

About the client: CFC

CFC is a specialist insurance provider, pioneer in emerging risk and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today’s most critical business risks.

Headquartered in London with offices across Europe, USA and Australia, CFC has over 1000 employees and is trusted by more than 150,000 businesses in 90 countries. Learn more at cfc.com and LinkedIn.

Job Description

Key responsibilities & accountabilities

We are seeking a skilled and proactive Senior Security Analyst to join our Global CISO team. This role is pivotal in maintaining and enhancing our business-as-usual (BAU) security posture. The successful candidate will be responsible for triaging and actioning SOC tickets, responding to alerts from security controls, supporting vendor engagements, and contributing to the development of playbooks and incident response processes.

Key Responsibilities Include:

SOC Ticket Triage & Response:

  • Monitor, triage, and respond to security events and incidents raised via the Security Operations Centre (SOC).
  • Prioritize and escalate incidents based on severity and impact.
  • Ensure threat intelligence capability is fed into decision making for ticket triage and updates to the management team.

Alert Management:

  • Action alerts generated by BAU security controls (e.g., SIEM, EDR, IDS/IPS).
  • Perform initial investigation and remediation steps, ensuring timely resolution.
  • Action tickets from tech teams.

Vendor Support & Configuration:

  • Collaborate with third-party vendors to support tool configuration updates, troubleshooting, and enhancements.
  • Participate in regular vendor calls to ensure alignment with operational needs and security standards.

Playbook Development:

  • Draft and maintain security playbooks to standardise response procedures for common incidents and alerts.
  • Continuously improve playbooks based on lessons learned and evolving threat landscapes.

Incident Response Contribution:

  • Support incident response activities including containment, eradication, and recovery.
  • Assist in post-incident reviews and root cause analysis.

Continuous Improvement:

  • Identify gaps in existing security controls and processes, recommending improvements.
  • Stay current with emerging threats, vulnerabilities, and industry best practices.

Reporting:

  • Develop and send out a daily report on alerts, triaging status and control coverage.

 

Skills & Ability

  • Proven experience in a SOC or security analyst role.
  • Strong understanding of security technologies including SIEM, EDR, firewalls, and vulnerability management tools.
  • Experience with incident response and playbook development.
  • Excellent communication and stakeholder management skills.
  • Relevant certifications (e.g., CISSP, GIAC, CompTIA Security+) are a plus.
  • Experience working in multiple time zones.

Qualifications

Essential Knowledge & Experience

  • 2+ years of experience in a security operation role.
  • Experience using a range of security tools.
  • Experience using ticketing systems for triage.
  • Experience in financial services or regulated industries.

Tags: CISO CISSP CompTIA EDR Firewalls GIAC IDS Incident response IPS SaaS SIEM SOC Threat intelligence Vulnerabilities Vulnerability management

Perks/benefits: Career development Team events

Region: Asia/Pacific
Country: Sri Lanka
