SECURITY THREAT ANALYST

Pasay, PH / Manila, PH (Onsite)  •  9 hours ago

Job Description

Entry-level position in the SOC team. The triage specialist reviews real-time event data, monitors the alert queue on a rotating 24 x 7 x 365 basis, and determines the relevance and urgency of threat alerts. The analyst performs initial analysis and response to incidents, monitors the health of security sensors and endpoints, and keeps abreast of intelligence from the IT security community and other industry sources. The role also conducts asset discovery and vulnerability scanning, and tracks and monitors remediation efforts, including report preparation.

Specific Duties & Responsibilities:

  • Continuously monitor security events from the various SOC log sources, and analyze threat alerts to determine their relevance and urgency (triage).
  • Monitor the health of security sensors and endpoints.
  • Perform system/network inventory and validation and log collection; investigate threat alerts to reach the root cause and respond to incidents/threat alerts.
  • Prepare alert tickets, collect alert information, follow incident playbooks and provide the context of an incident to the L2 analyst for further investigation and resolution.
  • Run vulnerability scans and review vulnerability assessment reports.
  • Manage security monitoring tools, enroll log sources and provide input on tuning and optimizing security systems.
  • Develop and implement security event and threat detection logic (use cases).
  • Provide input to continuously improve SOC security processes, policies, procedures and incident response playbooks.
  • Stay up to date with emerging security threats and vulnerabilities, including applicable regulatory security requirements.
  • Other tasks that may be assigned.

Job Specifications:

  • A Bachelor's Degree in a relevant area of study, with a preference for Information Security, Computer Science or Computer Engineering.
  • Demonstrated foundational understanding of IP networking, routing and switching, including multiple operating systems (Windows, Solaris, *nix) and system administration.
  • Self-starter and analytical thinker with a genuine passion for Information Security.
  • Basic understanding of Information Security concepts and practices.
  • Detail oriented, with strong organizational and analytical skills.
  • Programming skills as well as host, network and application investigative skills.
  • Knowledge of security technologies such as SIEM, anti-malware, firewall, IPS/IDS, logging, monitoring and vulnerability management.
  • Basic knowledge of client-server applications, multi-tier web applications and relational databases.
  • Task and delivery management skills.
  • Good written and verbal communication and presentation skills.
  • Conflict and problem management skills.
  • Ability to work on a 24 x 7 x 365 shift rotation.
  • Information Security professional designations such as CISSP, CISM or CISA preferred.
  • Previous Security Operations Centre experience in conducting security investigations is a plus.
