Cybersecurity Operations Analyst II

We don’t think about job roles in a traditional way. We are anti-silo. Anti-career stagnation. Anti-conventional. 

Beyond ONE is a digital services provider radically reshaping the personalised digital ecosystems of consumers in high growth markets around the world. We’re building a digital services aggregator platform, with a strong telco foundation, and a profitable growth strategy that empowers users to drive their own experience—subscribe once, source from many, and only pay for what you actually use. 

Since being founded in 2021, we’ve acquired Virgin Mobile MEA, Friendi Mobile MEA and Virgin Mobile LATAM (with 6.5 million subscribers) and 1600 dedicated  colleagues across Chile, Colombia, KSA, Kuwait, Mexico, Oman and UAE. 

To disrupt for good takes a rebellious spirit, a questioning mind and a warm heart. We really care about how to get things done and not who manages who. We benefit from our diversity, and together, we disrupt the way we and others thinkin about our lives for good.  

Do you want to exchange ideas, learn from each other and leave your mark on our journey? This is the place for you. 

Role Purpose:

In today’s digital world, cybersecurity threats continue to evolve at an unprecedented rate. At Beyond ONE, our mission is to enable secure innovation and protect our operations across multiple OpCos. This role is essential in ensuring the integrity, availability, and confidentiality of our systems and data. As part of our growing Cybersecurity Operations team, you’ll act as the first line of defense—doing the critical work of identifying threats, investigating incidents, and improving our overall security posture across the group.

You won't just be working in security—you'll be living it..

Key Responsibilities:

• Monitor, validate, and analyze security alerts received from the MSSP or internal tools
• Investigate, triage, and respond to security incidents in a timely and effective manner
• Coordinate with MSSP and internal security engineering teams across OpCos for incident resolution
• Support the maintenance and tuning of SIEM rules and other detection mechanisms
• Assist in the development and documentation of standard operating procedures (SOPs), playbooks, and incident response workflows
• Perform root cause analysis for security incidents and produce post-incident reports
• Collaborate with cross-functional teams on threat intelligence sharing, vulnerability management efforts, and policy enforcement
• Work in shifts (if required) to ensure 24/7 coverage of SOC functions
• Participate in tabletop exercises and red/blue team simulations
• Stay abreast of emerging cybersecurity threats, trends, and technologies to improve detection and response.

Qualifications & Attributes:

Education:

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field
• Relevant certifications are a strong plus (e.g., PSAA, GCIP, GCIH, CompTIA Security+ or similar).
• Excellent problem-solving and security investigative abilities.
• Good communication and interpersonal skills.
• Ability to work independently and as part of a team.

Experience:

• 3-5 years of professional experience in cybersecurity operations or a Security Operations Center (SOC) environment
• Hands-on experience in security alert triage, incident response, and threat hunting
• Experience working with Managed Security Service Providers (MSSPs)
• Solid understanding of network protocols, endpoint security, malware behavior, and attack vectors

Technical Skills:

• Proficiency in working with Security Information and Event Management (SIEM) platforms (e.g., QRadar, Splunk, ArcSight, or equivalent)
• Proficiency in working with Threat Intelligence platforms and capabilities (e.g. SOCRadar, Group-IB)
• Familiarity with EDR tools and technologies (e.g., CrowdStrike, SentinelOne, Carbon Black)
• Understanding of MITRE ATT&CK framework and its application in detection/response
• Knowledge of scripting and automation (Python, Bash, or PowerShell) is a strong plus
• Solid grasp of firewall logs, intrusion detection/prevention systems, and endpoint logs
• Exposure to cloud platforms (AWS, Azure, or GCP) and their associated security services
• Hands-on experience working with security controls for cloud environments (AWS, GCP) would be a plus.
• Solid understanding of networking concepts (TCP/IP, DNS, VPNs, VLANs, etc.) would be a plus
• Familiarity with security frameworks lie ISO 27001, NIST CSF, is a plus.
• Experience working in a multinational environment and/or familiarity with international regulatory requirements is a plus.

What we offer:

• Rapid learning opportunities - we enable learning through flexible career paths, exposure to challenging & meaningful work that will help build and strengthen your expertise.
• Hybrid work environment - flexibility to work from home 2 days a week.
• Healthcare and other local benefits offered in market.

By submitting your application, you acknowledge and consent to the use of Greenhouse & BrightHire during the recruitment process. This may include the storage and processing of your data on servers located outside your country of residence. For further information, please contact us at dataprivacy@beyond.one.