About BTSE:
BTSE Group is a global leader in fintech and blockchain technology, anchored by three core business pillars: Exchange, Payments, and Infrastructure Development. Serving over 100 corporate clients worldwide, we provide white-label exchange and payment solutions. Our offerings encompass everything from exchange infrastructure hosting and development to custody, wallets, payments, blockchain integration, trading, and
more. We are looking for talented professionals in marketing, operations, customer support,
and other departments. The roles offered may be on-site, remote, or hybrid, in collaboration with our local partner.
About the Opportunity:
We are seeking a Cyber Security Operations Center (CSOC) Analyst with a minimum of 2 years of experience in security monitoring, incident detection, and response. The role involves working within a fast-paced security environment to safeguard organizational assets from emerging cyber threats. You will collaborate with cross-functional teams to ensure timely detection, analysis, and escalation of security incidents.
Responsibilities:
- Perform continuous monitoring of security alerts and logs from various sources (SIEM, EDR, firewall, cloud, etc.).Conduct initial triage, coordinate incident response and analysis of security incidents to determine severity and impact.
- Develop, configure, and tune SIEM detection rules to improve threat detection and minimize false positives.
- Review detection coverage and recommend new rules or improvements based on recent incidents, threat reports, or security assessments.
- Maintain and update detection rules, playbooks, and operational documentation.
- Conduct threat hunting, vulnerability assessment, and log analysis activities.
- Generate regular reports and metrics on incident trends and CSOC performance.
- Support continuous improvement of security operations processes and detection capabilities.
- Collaborate with internal and external stakeholders, including regional partners, where Chinese language skills may be required.
Requirements:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Minimum 2 years of experience in a Security Operations Center (SOC) or equivalent security monitoring role.
- Hands-on experience with SIEM tools (e.g., Splunk, Sumo Logic, QRadar, Elasticsearch, etc.).
- Detection rule and use case development (rule-based and ML-based)
- Automation and integrations using APIs, webhooks, and SOAR-style workflows
- Alert triage, enrichment, and case management with ticketing systems
- Knowledge of common attack techniques, malware behavior, and network security principles.
- Familiarity with incident response frameworks (e.g., NIST, SANS).
- Strong analytical and problem-solving skills with attention to detail.
- Able to be on stand-by for on-call when the need arises.
Nice to Haves
- Good understanding of cloud security (AWS, Azure, or GCP).
- Good understanding in microservices architecture, multi-cloud environment and varied operating systems (e.g., Windows, Linux, Mac, etc)
- Effective communication and documentation skills.
- Chinese language proficiency (reading, writing, and/or speaking) is a strong advantage.
- Relevant certifications (e.g., CISSP, GCIH, GCFA, CompTIA Security+, CySA+, CEH, or similar) are desirable.
Perks & Benefits
- Competitive total compensation package.
- Various team-building programs and company events.
- And many more! Apply and let us tell you more!
#LI-MC1