Sr. SOC Analyst, APAC

Sr. SOC Analyst (Tier 3)

Dentsply Sirona is the world's largest manufacturer of professional dental products and technologies, with over a century of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona's products provide innovative, high-quality, and effective solutions to advance patient care and deliver better and safer dental care. Dentsply Sirona's headquarter is located in Charlotte, North Carolina. The company's shares are listed in the United States on NASDAQ under the symbol XRAY.

Scope of Role

The Sr. SOC Analyst (Tier 3) plays a critical role in Dentsply Sirona's 24×7 global security monitoring and incident response capability. This position provides advanced analysis, containment, and response expertise for cybersecurity incidents while supporting strategic SOC initiatives across cloud, enterprise, and manufacturing environments. This Tier 3 analyst (APAC coverage) ensures continuous global coverage, working closely with Tier 3 counterparts in the Americas and EMEA, as well as 3rd Party Tier 1–2 operations.

Role Scope Includes:

• Serving as the primary regional Tier 3 responder for APAC time zones.
• Leading complex investigations and coordinating containment actions.
• Enhancing detections, automation, and response playbooks.
• Supporting SIEM/SOAR engineering, tuning, and log onboarding.
• Participating in threat hunting and threat intelligence activities.
• Ensuring compliance with global and regional regulatory requirements (e.g., GDPR, APAC data privacy laws).
• Contributing to SOC maturity and continuous improvement initiatives.

Responsibilities for Employment

• Incident Response & Investigation: Lead advanced investigations escalated from Tier 1–2 and internal teams. Perform deep forensic analysis across endpoints, servers, cloud environments, and network telemetry. Coordinate containment and remediation actions with IT, Cloud, and business teams. Provide expert input during major incident handling and support crisis communication workflows.
• Detection Engineering & SIEM/SOAR Development: Tune SIEM correlation rules, queries, and analytics. Develop new detections based on emerging threats, TTPs, and threat intelligence. Collaborate with Security Architecture to onboard new log sources and validate telemetry quality. Build and test automation playbooks to improve consistency and speed of response.
• Threat Hunting & Threat Intelligence: Conduct proactive threat hunts across enterprise and cloud environments. Leverage TI from MSTIC, Mandiant, ISAC, and other sources to enrich investigations. Identify new adversary behaviors and recommend new alerts or controls.
• Compliance & Governance: Ensure SOC processes align with ISO/IEC 27001, NIST CSF, and regional privacy regulations. Support audits and reporting for security frameworks and regulatory compliance.
• SOC Maturity & Continuous Improvement: Participate in post-incident reviews, documenting lessons learned and systemic fixes. Contribute to global SOC process improvement, playbook updates, and capability uplift. Support quarterly DR exercises and technical tabletop simulations. Assist the Senior SOC Manager with operational reporting and KPI development (MTTD, MTTR).
• Collaboration & Communication: Partner with Tier 3 peers in EMEA and Americas to enable seamless 24×7 global handoff. Coordinate regularly with IT, Cloud, OT, and Security Architecture stakeholders. Provide clear, concise reporting suitable for both technical and executive audiences.

Qualifications

• Education: Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field. Equivalent military or professional experience considered.
• Experience: 4–7 years of professional experience in SOC operations, cyber defense, or incident response. Strong experience with SIEM analysis (Google SecOps, Splunk, or other industry-leading SIEMs preferred). Hands-on experience with Microsoft Defender (Endpoint/Identity/Office) or comparable XDR platforms. Experience working with MSSPs or co-managed SOC environments highly preferred. Demonstrated expertise analyzing endpoint, network, identity, and cloud-based detections.
• Key Skills & Knowledge: In-depth understanding of the incident response lifecycle and MITRE ATT&CK. Strong proficiency in KQL (Kusto Query Language) or equivalent SIEM languages. Experience building or tuning SOAR automation workflows. Familiarity with GCP / Azure security architecture; exposure to AWS or Alibaba is a plus. Strong forensic analysis capability (endpoint, logs, memory, identity). Ability to communicate clearly under pressure and in cross-cultural settings.
• Certifications Preferred Core: Networking+, CySA+, Security+, GCIA, GCIH, GCFA, GMON Cloud: AZ-500, SC-200/300, CCSK or CCSP (optional) Advanced: CISSP, CASP+, (optional)

Key Leadership Behaviors

Actively articulates and promotes Dentsply Sirona's vision, mission and values. Advocates on behalf of the customer. Promotes high performance, innovation and continual improvement. Consistently meets Company standards, ethics and compliance requirements. Clear and effective communication with stakeholders, which span across multiple levels, socio-geographic areas and functional expertise.

Environmental Requirements

Professional Work environment: Work primarily performed in an office/Home Office environment.

Equal Opportunity Employer: Dentsply Sirona is an Equal Opportunity Employer. All qualified applicants will be considered without unlawful discrimination or regard for race, color, religion, sex, sexual orientation, sexual or gender identity, national or ethnic origin, age, marital status, disability, genetic factors, military and veteran status, or any other characteristics protected by applicable local law. Eligibility: All successful applicants must be eligible to work in the country the position is based. Assistance: If you need assistance with completing the online application due to a disability, please send an accommodation request to View email address on click.appcast.io . Agencies: Please note that Dentsply Sirona does not accept or respond to unsolicited requests or applications submitted by Recruitment Agencies/ Search Firms. Notice on Fraudulent Job Offers: Unfortunately, we are aware of third parties that pretend to represent our company offering unauthorized employment opportunities. If you think a fraudulent source is offering you a job, please have a look at the following information: careers.dentsplysirona.com.