Guavapay is a payment platform that drives payment optimization and stability. Guavapay’s full-stack payment ecosystem includes a range of financial technology products and solutions. Our flagship product is MyGuava, the “all things payments app”. In addition to MyGuava, we offer a range of other payment services to businesses and individuals, including card processing, cross-border payments/remittance, merchant acquiring, card issuing and e-wallets.
Key Responsibilities:
Monitor and respond to security events and incidents reported by security monitoring tools (SIEM, IDS/IPS, firewalls, etc.).
Conduct thorough analysis of security incidents to determine impact, severity, and root cause.
Escalate critical incidents to team lead or higher and assist in the resolution process.
Work closely with cross-functional teams, including L1 SOC Analysts, IT, and management to ensure timely and effective incident handling.
Perform security investigations, determine attack vectors, and provide mitigation strategies.
Analyze logs from a variety of security tools and systems for anomalies, threats, and potential breaches.
Provide detailed incident reports and documentation, outlining actions taken and findings.
Conduct proactive threat hunting, identifying emerging threats and weaknesses in the environment.
Keep up to date with the latest security threats, vulnerabilities, and industry best practices.
Support and mentor L1 SOC Analysts to improve their incident handling and troubleshooting skills.
Assist in the development and improvement of incident response procedures, security policies, and playbooks.
Provide recommendations for improving security controls and processes based on findings from incident investigations.
Requirements:
Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent work experience.
Proven experience (2-3 years) in a SOC Analyst role or a similar cybersecurity position.
In-depth knowledge of security monitoring tools such as SIEM (Splunk, QRadar, etc.), IDS/IPS, and endpoint protection platforms.
Hands-on experience with network and security protocols (TCP/IP, DNS, HTTP/S, etc.).
Familiarity with security incident response and investigation techniques.
Strong understanding of cyber threats, attack vectors, malware analysis, and incident handling procedures.
Experience in analyzing and responding to security events and incidents in a fast-paced environment.
Ability to use security tools and perform advanced analysis (e.g., packet analysis, log correlation, etc.).
Familiarity with industry standards and frameworks (e.g., NIST, CIS, ISO 27001, etc.).
Strong communication and reporting skills, with the ability to explain complex security concepts to non-technical stakeholders.
Security certifications (CISSP, BTL1-2, OSCP, OSDA, vendor certifications, etc.) are a plus.
Preferred Skills:
Knowledge of threat intelligence sources and integration into security operations.
Familiarity with security automation and orchestration tools.
Understanding of data privacy regulations (GDPR, CCPA, etc.).