23 Junior Security Consultant jobs in the Philippines

**Introduction**
We are seeking a highly skilled and experienced Cloud Security Consultant who will be responsible for the governance, strategy, and advisory aspects of cloud security. The individual will drive the adoption and continuous improvement of the Cloud Security Framework while overseeing the effective use of CSPM, CWP, and SSPM platforms across AWS, Azure, and GCP.
**Your role and responsibilities**
As a Cloud Security Consultant you will play a crucial role in strategic security planning, ensuring compliance with industry regulations and frameworks, and driving continuous improvement through automation and orchestration.This encompasses managing key performance indicators (KPIs), conducting regular security exercises, and collaborating effectively with other IT and security teams to enhance overall security monitoring and response capabilities. The ideal candidate will possess a deep understanding of current and emerging cyber threats and a proven ability to lead and motivate a team in a fast-paced, high-pressure environment.
Your primary responsibilities include:
Cloud Security Management and Compliance: Define, maintain, and enhance the organization's Cloud Security Framework in alignment with regulatory (e.g., BSP, DPA) and industry (e.g., NIST, CSA) standards. Provide cloud security governance across multi-cloud platforms (AWS, Azure, GCP). Oversee baseline and periodic posture assessments and trend analysis reporting. Oversee compliance reporting activities aligned with regulatory frameworks (PCI DSS, GDPR, NIST, CIS).
Cloud Security Optimization: Lead the development, tuning, and optimization of Prisma Cloud CSPM policies for AWS, Azure, and GCP. Lead onboarding and security posture policy configuration of the SSPM platform for key SaaS apps.
Threat Intelligence and Continuous Improvement: Design detection strategies and RQL-based investigation playbooks. Oversee CWPP alert tuning and ensure alignment with the client's governance protocols. Define and regularly tune posture rules and detection logic based on evolving threats. Continuously assess policy relevance against service updates and compliance mandates.
Cross-Team Collaboration: Collaborate with engineering, SOC, and risk/compliance teams to ensure policy enforcement and incident response readiness. Provide technical guidance to engineers conducting audit log analysis, threat hunts, and RCA activities.
Incident Management and Communication: Track and report on key cloud security KPIs, metrics, and control effectiveness. Review and refine policies, standards, SOPs, and guidelines related to cloud operations. Lead knowledge transfer sessions.
**Required technical and professional expertise**
Technical Requirements:
* More than 5 years in cloud security consulting, architecture, or posture management.
* Proven and extensive experience with Prisma Cloud (CSPM/CWPP) and SSPM platforms.
* Hands-on experience integrating alerts into SIEM/SOAR tools like Google SecOps.
* Familiar with cloud-native and hybrid environment architecture in AWS, Azure, or GCP
* Familiar with compliance frameworks: NIST CSF, CIS, GDPR, PCI DSS.
* Experience integrating alerts and posture signals into SIEM/ITSM (e.g., Chronicle, Splunk, ServiceNow)
Soft Skills:
* Strong analytical and problem-solving abilities with keen attention to detail.
* Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
* Capable of managing multiple priorities in a fast-paced, dynamic environment.
**Preferred technical and professional experience**
Certifications: CCSP, GCSA, CISSP, CRISC, CISA, AWS/Azure/GCP Security Specialty ( or any cloud platform-specific certs), Prisma Cloud Certification (e.g., Palo Alto Networks Certified Cloud Security Engineer-PCCSE), Google Cybersecurity Professional Certificate or SIEM-specific trainings (e.g., Chronicle)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

**Introduction**
We are seeking a highly skilled and experienced Cloud Security Consultant who will be responsible for the governance, strategy, and advisory aspects of cloud security. The individual will drive the adoption and continuous improvement of the Cloud Security Framework while overseeing the effective use of CSPM, CWP, and SSPM platforms across AWS, Azure, and GCP.
**Your role and responsibilities**
As a Cloud Security Consultant you will play a crucial role in strategic security planning, ensuring compliance with industry regulations and frameworks, and driving continuous improvement through automation and orchestration.This encompasses managing key performance indicators (KPIs), conducting regular security exercises, and collaborating effectively with other IT and security teams to enhance overall security monitoring and response capabilities. The ideal candidate will possess a deep understanding of current and emerging cyber threats and a proven ability to lead and motivate a team in a fast-paced, high-pressure environment.
Your primary responsibilities include:
Cloud Security Management and Compliance: Define, maintain, and enhance the organization's Cloud Security Framework in alignment with regulatory (e.g., BSP, DPA) and industry (e.g., NIST, CSA) standards. Provide cloud security governance across multi-cloud platforms (AWS, Azure, GCP). Oversee baseline and periodic posture assessments and trend analysis reporting. Oversee compliance reporting activities aligned with regulatory frameworks (PCI DSS, GDPR, NIST, CIS).
Cloud Security Optimization: Lead the development, tuning, and optimization of Prisma Cloud CSPM policies for AWS, Azure, and GCP. Lead onboarding and security posture policy configuration of the SSPM platform for key SaaS apps.
Threat Intelligence and Continuous Improvement: Design detection strategies and RQL-based investigation playbooks. Oversee CWPP alert tuning and ensure alignment with the client's governance protocols. Define and regularly tune posture rules and detection logic based on evolving threats. Continuously assess policy relevance against service updates and compliance mandates.
Cross-Team Collaboration: Collaborate with engineering, SOC, and risk/compliance teams to ensure policy enforcement and incident response readiness. Provide technical guidance to engineers conducting audit log analysis, threat hunts, and RCA activities.
Incident Management and Communication: Track and report on key cloud security KPIs, metrics, and control effectiveness. Review and refine policies, standards, SOPs, and guidelines related to cloud operations. Lead knowledge transfer sessions.
**Required technical and professional expertise**
Technical Requirements:
* More than 5 years in cloud security consulting, architecture, or posture management.
* Proven and extensive experience with Prisma Cloud (CSPM/CWPP) and SSPM platforms.
* Hands-on experience integrating alerts into SIEM/SOAR tools like Google SecOps.
* Familiar with cloud-native and hybrid environment architecture in AWS, Azure, or GCP
* Familiar with compliance frameworks: NIST CSF, CIS, GDPR, PCI DSS.
* Experience integrating alerts and posture signals into SIEM/ITSM (e.g., Chronicle, Splunk, ServiceNow)
Soft Skills:
* Strong analytical and problem-solving abilities with keen attention to detail.
* Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
* Capable of managing multiple priorities in a fast-paced, dynamic environment.
**Preferred technical and professional experience**
Certifications: CCSP, GCSA, CISSP, CRISC, CISA, AWS/Azure/GCP Security Specialty ( or any cloud platform-specific certs), Prisma Cloud Certification (e.g., Palo Alto Networks Certified Cloud Security Engineer-PCCSE), Google Cybersecurity Professional Certificate or SIEM-specific trainings (e.g., Chronicle)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start **Caring. Connecting. Growing together.**
**Primary Responsibilities:**
+ Perform audits to identify control gaps and implement corrective action plans
+ Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL)
+ Monitor compliance with corrective action plans, and address non-compliance issues appropriately
+ Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools)
+ Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards
+ Facilitate/lead security incident investigation
+ Analyze business requirements and ensure that solutions meet established security policies and controls
+ Maintain metrics and ensure reporting as appropriate
+ Maintain current knowledge on information security topics and their applicability program requirements
+ Communicate professionally with stakeholders/end users through multiple communication
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ Bachelor's degree or higher level of education
+ 6+ years of Information security experience
+ Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2
+ Auditing skills and the ability to manage risk assessments / projects independently.
+ Proven excellent communication skills both verbal and written
+ Good presentation skills particularly ability to present technology elements in manner personnel can follow and act
**Preferred Qualification:**
+ CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification.
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Optum is a drug-free workplace. © 2025 Optum Global Solutions (Philippines) Inc. All rights reserved._

**Company Description**:

- Outsourced is a leading Business Process Outsourcing (BPO) in the Philippines that provides dedicated full time remote staff and offshore staffing services to international companies of all sizes. We specialize in providing offshore staff of the highest quality who will continue to exceed your expectations ongoing. We provide both remote
- **home-based** and state-of-the-art
- **office-based** offshore staffing options. We have spared no expense to ensure your offshore staff are comfortable and able to perform their work effectively and efficiently
- Design and implementation of Microsoft Security Solution portfolio
- Work alongside SOC Analysts to improve the detection of security incidents
- Research and implement new Microsoft feature sets that can be used within the SOC
- Assist with the development of more junior members of the team where required

**Qualifications**:

- Microsoft Certifications such as: AZ-104, SC-200, MS-500 & AZ-500
- Hands-on design & implementation experience of SIEM solutions such as: MS Sentinel, Splunk etc
- Experience of scripting languages such as Python/Powershell
- Experience with Azure DevOps
- Experience with Azure Security Solutions, MCAS, AADIP, Defender for endpoint, DNS, Defender for Identity, Office 365
- A good understanding of Information Security Governance, ISO 27001, IASME Governance etc
- Microsoft Windows Server & Desktop, O365 etc
- Linux - RedHat, CentOS, Ubuntu, Debian etc
- Experience in Virtualisation / Cloud and Scalability of infrastructures
- Previous experience dealing with multiple clients and products
- Excellent written and spoken English skills are vital for compiling high-quality reports and liaising with clients

The security Analyst will address the challenge of managing cybersecurity and privacy risks in a way that is in line with Aspires strategy; The security analyst will provide independent, impartial assistance in IT and across the business, bringing insights from our work with internal and external systems, as well as knowledge of industry leading practice, regulation, and audit requirements.
- Perform vulnerability assessments, penetration tests and technical security compliance review.
- Perform penetration tests and writes recommendations for security improvements.
- Monitor managed components and manage incidents and problems.
- Design, develop, install, configure, test, monitor, maintain, troubleshoot, and upgrade cyber security infrastructure.
- Support various technical and non-technical stakeholders to specify and negotiate security requirements.

**JOB SPECIFICATIONS**

**1. **Education**:

- Bachelor's/College Degree in Computer Science/Information Technology or equivalent.

**2.** **Knowledge and skills**:

- Experience in information security or related field
- Experience with computer network penetration testing and techniques
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Experienced in installing security software and documenting security issues.
- Excellent problem-solving and communication skills
- Ability to think critically.
- Good interpersonal skills
- Excellent written and oral communication skills

**3.** **Experience**:

- 1 year or more experience in experience in information security

**Job Types**: Full-time, Permanent, Fresh graduate

**Salary**: Php30,000.00 per month

**Benefits**:

- Company Christmas gift
- Health insurance
- Life insurance
- Paid training
- Promotion to permanent employee

Schedule:

- 8 hour shift
- Monday to Friday
- Night shift

Supplemental pay types:

- 13th month salary
- Overtime pay

Ability to commute/relocate:

- Taguig City: Reliably commute or planning to relocate before starting work (required)

**Who we are and what we do**

Audinate leads the world in networked media with our "Dante" technology used extensively in professional audio / video installations including live events, broadcast, entertainment venues and communications systems.

Dante harnesses the power of IT networking to make AV better, replacing the need for specialised point-to-point analogue and digital connections. With audio and video making up so much of our daily lives, we play an important role in every great audio visual moment. The Dante technology embedded in popular AV products makes it possible for users to connect sound and vision like never before.

*
About the role*

In this newly created role you will be responsible for coordinating cyber security of our hybrid on-premises and cloud-based platforms. Reporting directly to the Cyber Security Operations Manager you will action and scale up responses to security incidents globally alongside maintaining and actioning cyber security and information security on a day-to-day basis.

**Responsibilities**
- Cyber Security Assurance, threat analysis and maintenance of SIEM operations and dashboard
- Advise and offer solutions to internal stakeholders that ensure assets are protected from accidental or malicious damage (including monthly meetings with the senior leadership team)
- Manage and monitor vulnerability scanning services to ensure compliance with patching processes
- Participate in risk management activities including risk and incident analysis and remediation, as well as disaster recovery
- Develop and maintain automatic detection and response capabilities using available SOAR capabilities
- Develop and maintain team playbooks for SIEM management and configuration, including, actioning of alerts, alert exclusions and alert tuning
- Assist with the upkeep of the SecOps environment
- Perform incident response and internal investigations
- Support the Cyber Security Operations Manager to undertake preventative measures to emerging security threats
- Assist with security assessments and generate reports to evaluate the efficacy of the security policies in place
- Monitoring and detecting potential threats and then reporting and responding to these threats promptly
- Collection, analysis, and reporting of cyber security data
- Interact with external service providers and vendors

**Requirements**:

- Passion for cybersecurity and the continuous implementation of best practices in a commercial environment
- Experience in Security operations and incident response
- Excellent written and verbal communication skills
- Maturity of judgement and "no fear" mentality when dealing with security incidents
- Highly proactive and collaborative approach to work
- Experience of hardware and software security infrastructure such as SIEM tools, firewalls, network switches, virtualized client/server architecture.
- Knowledge of Microsoft Azure and M365 Security Services including Microsoft Sentinel, Microsoft Defender Suite, Microsoft Purview / Information Protection, Azure/M365 Security Workloads
- Knowledge of Modern Endpoint Management (Windows 10 / 11, Intune, AutoPilot, Enterprise Mobility)
- Ability to drive incident response playbooks using common scripting languages like Python
- Qualifications in IT/Computer Science, or a related discipline

**Additional desired skills and experience**
- Knowledge of ISO27001 standards
- Relevant industry certifications would be highly regarded such as Certified Information Systems Security Professional (CISSP), SANS GIAC, Microsoft Cloud Security
- Experience working in SOC
- Linux and macOS experience

With us, your ambition extends as far as our reach. Working alongside experts and enthusiasts from different backgrounds, you’ll refine your skills as we define our products. We’ll experience and share a purpose we can see and hear as we pioneer the future of AV together.

In addition to a competitive salary, annual bonus and equity incentive plan, you’ll experience our diverse, values-based culture and a range of benefits such as flexible working through to volunteering leave.

Ericsson Philippines

Location:Taguig, Philippines

Work rights: Local Employment Contract

Travel requirement: None

**About this opportunity**

Ericsson is Growing! We are looking for hardworking individual to join our IT Security Access Control Team in Manila as an IT Security Analyst focusing on Robotic Process Automation (RPA) credential management and execution of IT security controls. You are expected to be flexible, adaptable, and are comfortable working with a wide variety of stakeholders and ambiguity. You will get broad exposure to the Ericsson brand which will provide you with great development opportunities in the future.

As the responsibilities of IT Security Access Control Manila expands, we are building competence in Robotic Process Automation using the Blue Prism platform.

**What you will do**:

- Provide expert guidance and information to stakeholders on Robotics Process Automation (RPA) password credential management.
- Maintain support information published on official support sites
- Perform internal security controls and monitoring
- Be part of IT Security Access Control internal work streams to execute on our strategy

**You will bring**:

- Must hold a bachelor’s degree, preferably Information Technology.
- Experience from working with ISO/IEC 27001- Information security management systems is an advantage.
- Familiarity in Blue Prism, Beyond Trust or any RPA Software / Tools.
- Experience with using or administering ERPs like SAP is a plus.
- Always puts the customer first and wants to be part of delivering world class services, creating a competitive edge for Ericsson.
- Good communication skills, as the role involves communication and interaction with end-users, business managers and support functions.
- Experience from support functions or service delivery (1st/2nd line support).
- Understanding of SOX and the importance of adherence to such requirements is valued.

**Additional Requirements**:

- Strong teamwork skills, with ability to build quick and effective work relations
- Strong communication skills with internal
- and external stakeholders
- Expert stakeholder management skills
- Ability to set and focus on the goal in a hectic environment
- Excellent problem solving and analytical skills
- Experience from an international work environment
- A desire to learn new technologies and willingness to share knowledge and skills with others
- Preferred Qualifications & Experience Requirements:

- User access management and administration experience.
- Reports automation via MS Excel/Visual Basic.
- Basic MS Access background.
- Familiar with reporting methodologies.

**What´s in it for you?**

Here at Ericsson, our culture is built on over a century of courageous decisions. With us, you will no longer be dreaming of what the future holds - you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, in a place where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where empathy and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your opportunity to make an impact is endless.

**What happens once you apply?**

**What's in it for you?**

Here at Ericsson, our culture is built on over a century of courageous decisions With us, you will no longer be dreaming of what the future holds you will be redefining it You won’t develop for the status quo but will build what replaces it Joining us is a way to move your career in any direction you want with hundreds of career opportunities in locations all over the world, in a place where co creation and collaboration are embedded into the walls You will find yourself in a speak up environment where empathy and humanness serve as cornerstones for how we work, and where work life balance is a priority Welcome to an inclusive, global company where your opportunity to make an impact is endless.

“**We are proud to announce at Ericsson Philippines has been name #8 in the country and**, our employees have once again voted us as a Great Place to Work® and we have been officially Certified in 2021. **Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture.”

**What happens once you apply**

What happens next once you apply? Read about the next steps here

For your interview preparation, here are a few "Tips&Tricks" from our recruiters

For your prep and reference, here is our overall Brand video and some insights about our innovations in 5G

Ericsson is continuing to hire

The Security Operations analyst job role requires a very motivated goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with mínimal supervision. The role also requires an individual who will act as a security liaison with groups within and outside of JobTarget IT. The Security Analyst’s primary job role is to reduce risk to JobTarget Information Systems, Platforms and Applications through the understanding and the adherence to a risk management framework and to provide governance through the drafting and socialization of security standards, guidelines, policies, and procedures.

**What We Can Offer**:

- Salary Range (Php 62,500 to Php80,500)
- 20 Paid Time Off with 5 convertible to cash at the end of the year
- HMO (with 2 dependents - co paid)
- Group Life and Accident Insurance
- Other exciting monetary allowances
- Great team, culture, and environment and tons of opportunity for career growth

**Work Schedule**: Day/Night

**Work Type**: Remote / Office-Based / Both

**Position To Fill**: One

**What You'll Do**:
Reducing risk through governance and education:

- Responsible for being the Subject Matter Expert (SME) for Information Security Incident Response Actions, ensuring incidents are properly triaged, addressed, tracked, and closed.
- Create Incident Response Playbooks and help in developing Standard Operating Procedures (SOP).
- Responsible for performing internal and external security assessments/testing to validate the effectiveness of current security infrastructure using commonly available security assessment tools and make recommendations to remediate identified risks or vulnerabilities.
- Responsible for review and audit of assets such as VPN, Firewall, & IDS/IPS Configuration & Management.
- Responsible for assisting in the development of appropriate security related policies, procedures, guidelines, standards, benchmarks/metrics and/or processes for network infrastructure, servers, firewalls, intrusion detection/prevention (IDS/IPS) appliances and software.
- Responsible for assisting in various projects to ensure corporate governance of security and compliance with applicable regulations.
- Generates Information Security metrics and reports for executive leadership
- Liaisons with Legal for vendor management, e-discovery, and basic forensics
- Directs Security Awareness Training for employees
- Develops policy documentation

**What You Need to Qualify**:
**Core Skills**:

- Acts responsibly with sensitive and confidential information
- Is creative and resourceful as a problem solver
- Consistently demonstrates the drive to deliver successfully even under difficult timelines
- Has strong analytical, methodical, investigative and auditing skills
- Knows when to make practical rational decisions that reduce risk to JobTarget information and Information systems
- Good written and verbal communications skills
- Good technical writing skills
- A critical logical thinker who is efficient and methodical

**TECHNICAL SKILLS**

Good understanding of the following:

- Background in a security governance model such as NIST, ISO, PCI, or HIPPA.
- Experience in developing cybersecurity policies and procedures
- Familiarity with risk management frameworks.
- Familiarity with Asset Management
- Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.
- Familiarity with access control management and strategies
- Able to manage vulnerability remediation through use of mitigation strategies
- Familiarity with security control assessments and procedures
- Ability to perform audits of systems, software, and security controls
- Familiarity with administering a corporate security awareness training program
- Experience with vetting vendors and vendor management
- Familiarity with legal and regulatory compliance requirements.
- HIDS/NIDS
- Network Monitoring Tools
- Case Management System
- Web Security Gateway
- Data Loss Prevention
- Network Access Control
- Encryption
- Vulnerability Identification

**Job Experience**:

- 5 years in a role within Information Technology
- 1-3 years documentation experience

**Desired Technical Certifications**:

- Security+ or equivalent

**Desired Education**:

- Bachelor’s Degree Required or equivalent experience

**Job Types**: Full-time, Permanent

**Salary**: Php62,500.00 - Php80,500.00 per month

**Benefits**:

- Health insurance
- Life insurance
- Opportunities for promotion

Schedule:

- 8 hour shift

Supplemental pay types:

- 13th month salary

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

Kroll is the premier global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, and compliance and regulatory consulting. Our professionals balance analytical skills, deep market insight and independence to help our clients make sound decisions. As an organization, we think globally—and encourage our people to do the same.

**Role**:

- Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x7 basis.
- Use the SIEM to monitor the network and perform analysis, while integrating the results and information needed to proactively protect the enterprise. This includes developing customized signatures, enterprise content filtering, or firewall ACL change recommendations.
- Provide security events analysis and support to include identifying potential threat, anomalies, and infections, documenting findings, providing recommendations within the incident management system, performing triage of incoming security events, performing preliminary and secondary analysis of those events, and validating the events
- Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels (AQLs) specified in the PRS. This root-cause analysis will include documenting recommendations for corrective action.

**Requirements**:

- Minimum of 2 years of experience in Cyber Security.
- Bachelor of Science (Masters preferred) in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area.
- Working level knowledge of policies, procedures, and protocols of a government Security Operations Center.
- Preferred Certifications: Comptia Security+ Certified Ethical Hacker (CEH)
- Kroll is committed to equal opportunity and diversity, and recruits people based on merit._
- #LI-MF2_

LI-Hybrid