19 Malware Analysis jobs in the Philippines
Gds Consulting threat Researcher
Taguig, National Capital Region
EY
Job Viewed
Job Description
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
**The opportunity**:
We’re looking for Senior Consultant with expertise in Threat Research, Threat Intelligence, and Threat Hunting. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offerings.
**Your key responsibilities**:
- Research cyber threats such as vulnerabilities, zero-days, emerging threats, malware, tools, tactics, techniques, procedures, behaviors.
- Proactively search the news, social media, dark web, and networks to spot threats that evade existing security solutions.
- Identify and the track the activities and motives of cyber threat actors.
- Perform in-depth analysis of threats and association to threat actors.
- Work on threat intelligence platforms to automate ingestion and actions.
- Work with different standards of threat intelligence sharing such as STIX, TAXII, and OpenIOC.
- Able to classify actionable threat intelligence from raw data. Advise clients on contextual threat intelligence applicable to their environment/industry.
- Assist clients globally to prepare for and defend against continuously evolving cyber attacks
**Skills and attributes for success**:
- Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
- Expertise in analysis and threat hunting in Azure Sentinel and Defender ATP. Experience in various SIEM and EDR solutions is a plus.
- Familiar with adversary tactics and techniques under Cyber kill chain and MITRE ATT&CK framework.
- Understanding of use cases development to identify suspicious activities.
- Scripting knowledge (Python, YARA, PowerShell).
- Extensive knowledge of different security threats and APT groups.
- Good knowledge and experience in Security Monitoring.
- Good knowledge and experience in Cyber Incident Response.
- Good understanding of the inner workings of Windows, MacOs and Linux OS.
**Qualifications**:
- Bachelor's degree or a master’s degree in Computer Engineering, IT security, Computer Science, Information Systems or other related fields.
- Minimum of 5 years’ overall experience in such areas as IT security, security operations, threat intelligence, incident response, threat hunting.
- Desired working experience of security monitoring tools such as Azure Defender, Sentinel, Fidelis, Splunk, ArcSight, Crowdstike, Mandiant, Qradar, Symantec Endpoint
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Highly proficient in English with good written and oral communication.
- Good analytical, problem solving and interpersonal skills.
- CISSP, GCIH, GMON, GCIA, CISM, OSCP, CEH or related certifications desirable.
**EY | Building a better working world**
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
**The opportunity**:
We’re looking for Senior Consultant with expertise in Threat Research, Threat Intelligence, and Threat Hunting. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offerings.
**Your key responsibilities**:
- Research cyber threats such as vulnerabilities, zero-days, emerging threats, malware, tools, tactics, techniques, procedures, behaviors.
- Proactively search the news, social media, dark web, and networks to spot threats that evade existing security solutions.
- Identify and the track the activities and motives of cyber threat actors.
- Perform in-depth analysis of threats and association to threat actors.
- Work on threat intelligence platforms to automate ingestion and actions.
- Work with different standards of threat intelligence sharing such as STIX, TAXII, and OpenIOC.
- Able to classify actionable threat intelligence from raw data. Advise clients on contextual threat intelligence applicable to their environment/industry.
- Assist clients globally to prepare for and defend against continuously evolving cyber attacks
**Skills and attributes for success**:
- Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
- Expertise in analysis and threat hunting in Azure Sentinel and Defender ATP. Experience in various SIEM and EDR solutions is a plus.
- Familiar with adversary tactics and techniques under Cyber kill chain and MITRE ATT&CK framework.
- Understanding of use cases development to identify suspicious activities.
- Scripting knowledge (Python, YARA, PowerShell).
- Extensive knowledge of different security threats and APT groups.
- Good knowledge and experience in Security Monitoring.
- Good knowledge and experience in Cyber Incident Response.
- Good understanding of the inner workings of Windows, MacOs and Linux OS.
**Qualifications**:
- Bachelor's degree or a master’s degree in Computer Engineering, IT security, Computer Science, Information Systems or other related fields.
- Minimum of 5 years’ overall experience in such areas as IT security, security operations, threat intelligence, incident response, threat hunting.
- Desired working experience of security monitoring tools such as Azure Defender, Sentinel, Fidelis, Splunk, ArcSight, Crowdstike, Mandiant, Qradar, Symantec Endpoint
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Highly proficient in English with good written and oral communication.
- Good analytical, problem solving and interpersonal skills.
- CISSP, GCIH, GMON, GCIA, CISM, OSCP, CEH or related certifications desirable.
**EY | Building a better working world**
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
This advertiser has chosen not to accept applicants from your region.
Job No Longer Available
This position is no longer listed on WhatJobs. The employer may be reviewing applications, filled the role, or has removed the listing.
However, we have similar jobs available for you below.
Security Analyst - Urgent!!!
StackTrek Inc.
Posted today
Job Viewed
Job Description
**Security Analyst**
- Security monitoring, event analysis, and alert and incident response
- Configuration and deployment of Fortinet network and security appliances
- Vulnerability assessments
**Responsibilities**:
- Configure and Support Network security solutions (Fortinet products)
- Review security-related events, assess risk and validity, and reporting of findings
- Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
- Investigates, researches, and analyzes security incidents
- Takes an active part in the resolution of incidents, even after they are escalated
- Work closely with your team to exceed our client's expectations while identifying and mitigating business risks associated with projects.
- Monitor and report based on client SLAs with an emphasis on quality and accuracy.
Required Qualifications
- Ability to communicate networking concepts to those with and without IT experience.
- Strong, practical knowledge of networking.
- Ability to analyze data (logs and packets captures) from various sources and draw meaningful conclusions.
- Demonstrable ability to independently manage time
- Detail-oriented with strong organizational and analytical skills.
- Be a team player who can work effectively in all required situations.
- A Bachelor's Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Computer Engineering.
- 1+ years of work experience with in SOC
- Direct prior experience with core security technologies such as security information and event monitoring systems (SIEM), network and host intrusion prevention and detection systems, proxies, vulnerability scanners, and anti-virus solutions
- Analytical and investigative skills
- On-call 7x24 rotation
- Professional certifications in networking and security technologies are an asset.
Note: This is a work from home setup.
**Job Types**: Full-time, Permanent
**Benefits**:
- Work from home
Schedule:
- 8 hour shift
- Monday to Friday
Supplemental pay types:
- 13th month salary
- Overtime pay
- Performance bonus
**Experience**:
- Cybersecurity: 1 year (required)
- SOC: 1 year (required)
- Security monitoring, event analysis, and alert and incident response
- Configuration and deployment of Fortinet network and security appliances
- Vulnerability assessments
**Responsibilities**:
- Configure and Support Network security solutions (Fortinet products)
- Review security-related events, assess risk and validity, and reporting of findings
- Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
- Investigates, researches, and analyzes security incidents
- Takes an active part in the resolution of incidents, even after they are escalated
- Work closely with your team to exceed our client's expectations while identifying and mitigating business risks associated with projects.
- Monitor and report based on client SLAs with an emphasis on quality and accuracy.
Required Qualifications
- Ability to communicate networking concepts to those with and without IT experience.
- Strong, practical knowledge of networking.
- Ability to analyze data (logs and packets captures) from various sources and draw meaningful conclusions.
- Demonstrable ability to independently manage time
- Detail-oriented with strong organizational and analytical skills.
- Be a team player who can work effectively in all required situations.
- A Bachelor's Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Computer Engineering.
- 1+ years of work experience with in SOC
- Direct prior experience with core security technologies such as security information and event monitoring systems (SIEM), network and host intrusion prevention and detection systems, proxies, vulnerability scanners, and anti-virus solutions
- Analytical and investigative skills
- On-call 7x24 rotation
- Professional certifications in networking and security technologies are an asset.
Note: This is a work from home setup.
**Job Types**: Full-time, Permanent
**Benefits**:
- Work from home
Schedule:
- 8 hour shift
- Monday to Friday
Supplemental pay types:
- 13th month salary
- Overtime pay
- Performance bonus
**Experience**:
- Cybersecurity: 1 year (required)
- SOC: 1 year (required)
This advertiser has chosen not to accept applicants from your region.
0
Cyber Security Analyst
Manulife
Posted today
Job Viewed
Job Description
**_Are you looking for a supportive, collaborative workplace with great teams and inspiring leaders? You’ve come to the right place. We’re looking for ambitious people who share our values and want to make every day better for people around the world. If this sounds like you, and the career below sounds exciting, we’d like to hear from you. _**
**Working Arrangement**
Hybrid
**Job Summary**:
Responsible for evaluation and management of security incidents and alerts
**Key Accountabilities**:
- Respond to and investigate security incidents detected by the SIEM and user-reported incidents
- Work with technical engineers over a variety of platforms
- Escalate to next level of support as dictated by process
- Assist in development and maintenance of SOC related documentation, processes, etc.
- Work in a 24/7 environment
- Other ad hoc SOC activities
**Minimum Skills Requirement to Hire**:
- IT degree or equivalent experience
- Excellent communication skills (oral and written)
- Strong understanding of Network Infrastructure and Protocols (TCP, UDP)
- Ability to understand a variety of network protocols such as TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS.
- Understanding of Diverse Operating systems such as Windows, Unix-based OS’ (to include AIX, Linux flavors, and MacOS)
- General understanding of cyber security concepts
- Innovative problem-solving skills with the proven ability to exercise flexibility and judgment
- At least 1 year experience working in Security Operations Center
- Ability to be flexible and adaptable when dealing with change
**_Technical Skills: _**
- Security + certification or equivalent training will be an advantage
- Knowledge on various security solutions (SIEM, firewall, AV, IDS, etc)
- Understanding of incident handling process
**_Soft skills: _**
- Fast learner, self-starter and passionate about security
- Excellent comprehension, analytical and decision-making skills
- Excellent communication skills (oral and written)
- Ability to work within a team to solve complex issues
- Excellent attention to detail, data accuracy, and data analysis
- Ability to develop excellent working relationships with a variety of other enabling teams
**About John Hancock and Manulife**
**Manulife is an Equal Opportunity Employer
**Working Arrangement**
Hybrid
**Job Summary**:
Responsible for evaluation and management of security incidents and alerts
**Key Accountabilities**:
- Respond to and investigate security incidents detected by the SIEM and user-reported incidents
- Work with technical engineers over a variety of platforms
- Escalate to next level of support as dictated by process
- Assist in development and maintenance of SOC related documentation, processes, etc.
- Work in a 24/7 environment
- Other ad hoc SOC activities
**Minimum Skills Requirement to Hire**:
- IT degree or equivalent experience
- Excellent communication skills (oral and written)
- Strong understanding of Network Infrastructure and Protocols (TCP, UDP)
- Ability to understand a variety of network protocols such as TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS.
- Understanding of Diverse Operating systems such as Windows, Unix-based OS’ (to include AIX, Linux flavors, and MacOS)
- General understanding of cyber security concepts
- Innovative problem-solving skills with the proven ability to exercise flexibility and judgment
- At least 1 year experience working in Security Operations Center
- Ability to be flexible and adaptable when dealing with change
**_Technical Skills: _**
- Security + certification or equivalent training will be an advantage
- Knowledge on various security solutions (SIEM, firewall, AV, IDS, etc)
- Understanding of incident handling process
**_Soft skills: _**
- Fast learner, self-starter and passionate about security
- Excellent comprehension, analytical and decision-making skills
- Excellent communication skills (oral and written)
- Ability to work within a team to solve complex issues
- Excellent attention to detail, data accuracy, and data analysis
- Ability to develop excellent working relationships with a variety of other enabling teams
**About John Hancock and Manulife**
**Manulife is an Equal Opportunity Employer
This advertiser has chosen not to accept applicants from your region.
1
IT Security Analyst
Cainta, Rizal
Solaire Resort and Casino
Posted today
Job Viewed
Job Description
**Job Overview**:
- Understanding of security concepts including malware, intrusion detection, risk analysis, and threat/vulnerability management
- Advance knowledge on operating systems, virtualization, network architecture and cloud technologies
- Knowledge of security processes and procedures following ITIL framework
**Qualifications**:
- At least 3 years working experience in IT Security Operations is required for this position
- Willing to work onsite (Paranaque City)
**Salary**: Php65,000.00 - Php75,000.00 per month
**Benefits**:
- Free parking
- Health insurance
- Life insurance
- On-site parking
- Staff meals provided
Schedule:
- 10 hour shift
Supplemental pay types:
- 13th month salary
- Understanding of security concepts including malware, intrusion detection, risk analysis, and threat/vulnerability management
- Advance knowledge on operating systems, virtualization, network architecture and cloud technologies
- Knowledge of security processes and procedures following ITIL framework
**Qualifications**:
- At least 3 years working experience in IT Security Operations is required for this position
- Willing to work onsite (Paranaque City)
**Salary**: Php65,000.00 - Php75,000.00 per month
**Benefits**:
- Free parking
- Health insurance
- Life insurance
- On-site parking
- Staff meals provided
Schedule:
- 10 hour shift
Supplemental pay types:
- 13th month salary
This advertiser has chosen not to accept applicants from your region.
2
Cyber Security Analyst
Pasig, Palawan
Universal Global Business Solutions
Posted today
Job Viewed
Job Description
Pre-Requisites
- Experience on network vulnerability scanning penetration testing
- Experience with Nessus Tenable, Metasploit, Kali Linux or other Linux base VAPT or similar tools
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security
solutions (proxy, web filtering)
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
- Analytical thinker willing to “think outside the box” to resolve customer impacting situations on
first contact; understand customer risk profile.
- Self-starter and ability to deliver under defined timelines
- Can lead and supervise technical delivery team in implementation and deployment of projects.
**Requirements**:
Certifications like CEH, CPTE, CISM, CISSP or any related certification for IT security
3-5 years in field of IT Security Services
Network Security (multi-vendor) experience
Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security
engineering concepts.
Knowledge of IDS deployment strategies and experience in SIEM solutions (ArcSight, LogRhythm,
FortiSIEM, etc.) will be advantageous
Knowledge of scripting languages (C++, C#, Perl, CGI, HTML, Java, TCL, Shell) will be added advantage
**Benefits**:
- Paid training
- Pay raise
Schedule:
- 8 hour shift
Supplemental pay types:
- 13th month salary
- Overtime pay
Ability to commute/relocate:
- Pasig City: Reliably commute or planning to relocate before starting work (required)
- Experience on network vulnerability scanning penetration testing
- Experience with Nessus Tenable, Metasploit, Kali Linux or other Linux base VAPT or similar tools
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security
solutions (proxy, web filtering)
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database
- Analytical thinker willing to “think outside the box” to resolve customer impacting situations on
first contact; understand customer risk profile.
- Self-starter and ability to deliver under defined timelines
- Can lead and supervise technical delivery team in implementation and deployment of projects.
**Requirements**:
Certifications like CEH, CPTE, CISM, CISSP or any related certification for IT security
3-5 years in field of IT Security Services
Network Security (multi-vendor) experience
Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security
engineering concepts.
Knowledge of IDS deployment strategies and experience in SIEM solutions (ArcSight, LogRhythm,
FortiSIEM, etc.) will be advantageous
Knowledge of scripting languages (C++, C#, Perl, CGI, HTML, Java, TCL, Shell) will be added advantage
**Benefits**:
- Paid training
- Pay raise
Schedule:
- 8 hour shift
Supplemental pay types:
- 13th month salary
- Overtime pay
Ability to commute/relocate:
- Pasig City: Reliably commute or planning to relocate before starting work (required)
This advertiser has chosen not to accept applicants from your region.
3
Principal Security Analyst
Makati, National Capital Region
opentext
Posted today
Job Viewed
Job Description
**OPENTEXT - THE INFORMATION COMPANY**
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
**Job Description** - **Principal Security Analyst**:
**ENABLING THE DIGITAL WORLD**
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
**THE OPPORTUNITY**:
The Principal Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. They have excellent analysis, prioritization, and incident handling skills. The Principal Security Analyst will perform various duties including: SIEM and security tool monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. You will also proactively search for, and handle, threats, and abnormal activities within the environment. Principal Security Analysts are expected to ensure all team members are trained, supported, and mentored.
**YOU ARE GREAT AT**:
- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
- Optimizing day-to-day shift resources and needs
- Ensuring appropriate staffing and coverage for assigned shifts
- Managing and communicating up effectively to leadership regarding staffing needs, events that occurred, etc.
**WHAT IT TAKES**:
- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (LogRhythm preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Research skills for problems and to find information or documentation on related topics
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 4+ years in Information systems support, security engineering, or risk and governance
- CISSP, CISA, other certifications preferred
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
**Job Description** - **Principal Security Analyst**:
**ENABLING THE DIGITAL WORLD**
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
**THE OPPORTUNITY**:
The Principal Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. They have excellent analysis, prioritization, and incident handling skills. The Principal Security Analyst will perform various duties including: SIEM and security tool monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. You will also proactively search for, and handle, threats, and abnormal activities within the environment. Principal Security Analysts are expected to ensure all team members are trained, supported, and mentored.
**YOU ARE GREAT AT**:
- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
- Optimizing day-to-day shift resources and needs
- Ensuring appropriate staffing and coverage for assigned shifts
- Managing and communicating up effectively to leadership regarding staffing needs, events that occurred, etc.
**WHAT IT TAKES**:
- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (LogRhythm preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Research skills for problems and to find information or documentation on related topics
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 4+ years in Information systems support, security engineering, or risk and governance
- CISSP, CISA, other certifications preferred
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.
This advertiser has chosen not to accept applicants from your region.
4
Lead Security Analyst
Makati, National Capital Region
opentext
Posted today
Job Viewed
Job Description
**OPENTEXT - THE INFORMATION COMPANY**
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
**Job Description** - **Lead Security Analyst**:
**ENABLING THE DIGITAL WORLD**
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
**THE OPPORTUNITY**:
The Lead Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. They have excellent analysis, prioritization, and incident handling skills. The Lead Security Analyst will perform various duties including: SIEM and security tool monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. You will also proactively search for, and handle, threats, and abnormal activities within the environment.
**YOU ARE GREAT AT**:
- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Participating in the design, implementation, and administration of security tools to reduce risk
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Ability to analyze data sets, determine the gaps and create reports on the findings
- Creating and following guides and procedures to adhere to standards and policies
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
**WHAT IT TAKES**:
- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (LogRhythm preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Research skills for problems and to find information or documentation on related topics
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 4+ years in Information systems support, security engineering, or risk and governance
- CISSP, CISA, other certifications preferred
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
**Job Description** - **Lead Security Analyst**:
**ENABLING THE DIGITAL WORLD**
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
**THE OPPORTUNITY**:
The Lead Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. They have excellent analysis, prioritization, and incident handling skills. The Lead Security Analyst will perform various duties including: SIEM and security tool monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. You will also proactively search for, and handle, threats, and abnormal activities within the environment.
**YOU ARE GREAT AT**:
- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Participating in the design, implementation, and administration of security tools to reduce risk
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Ability to analyze data sets, determine the gaps and create reports on the findings
- Creating and following guides and procedures to adhere to standards and policies
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
**WHAT IT TAKES**:
- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (LogRhythm preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Research skills for problems and to find information or documentation on related topics
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 4+ years in Information systems support, security engineering, or risk and governance
- CISSP, CISA, other certifications preferred
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.
This advertiser has chosen not to accept applicants from your region.
5
Lead Security Analyst
Makati, National Capital Region
opentext
Posted today
Job Viewed
Job Description
**OPENTEXT - THE INFORMATION COMPANY**
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
**Job Description** - **Lead Security Analyst**:
**ENABLING THE DIGITAL WORLD**
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
**THE OPPORTUNITY**:
The Lead Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. They have excellent analysis, prioritization, and incident handling skills. The Lead Security Analyst will perform various duties including: SIEM and security tool monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. You will also proactively search for, and handle, threats, and abnormal activities within the environment.
**YOU ARE GREAT AT**:
- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Participating in the design, implementation, and administration of security tools to reduce risk
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Ability to analyze data sets, determine the gaps and create reports on the findings
- Creating and following guides and procedures to adhere to standards and policies
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
**WHAT IT TAKES**:
- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (LogRhythm preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Research skills for problems and to find information or documentation on related topics
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 4+ years in Information systems support, security engineering, or risk and governance
- CISSP, CISA, other certifications preferred
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
**Job Description** - **Lead Security Analyst**:
**ENABLING THE DIGITAL WORLD**
OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.
We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.
**THE OPPORTUNITY**:
The Lead Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. They have excellent analysis, prioritization, and incident handling skills. The Lead Security Analyst will perform various duties including: SIEM and security tool monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. You will also proactively search for, and handle, threats, and abnormal activities within the environment.
**YOU ARE GREAT AT**:
- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Participating in the design, implementation, and administration of security tools to reduce risk
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Ability to analyze data sets, determine the gaps and create reports on the findings
- Creating and following guides and procedures to adhere to standards and policies
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
**WHAT IT TAKES**:
- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (LogRhythm preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Research skills for problems and to find information or documentation on related topics
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 4+ years in Information systems support, security engineering, or risk and governance
- CISSP, CISA, other certifications preferred
Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Malware analysis Jobs in Philippines !
6
Information Security Analyst II
Manila, Metropolitan Manila
RELX INC
Posted 19 days ago
Job Viewed
Job Description
Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
This advertiser has chosen not to accept applicants from your region.
7
Security Analyst (Junior-mid)
Makati, National Capital Region
Highly Succeed
Posted today
Job Viewed
Job Description
Technical Skills
- Solid understanding of modern authentication protocols and a background in cybersecurity
- Deep understanding of cloud computing technologies
- Experience with Windows, Linux, iOS, Android
- Experience in network security: TCP/IP, DNS, proxies, firewall configuration, intrusion detection and prevention systems, IPSec and
TLS/SSL
- Experience with cryptography: symmetric and asymmetric cryptography, hashing
- Experience with tools for conducting port scans, network scans, fingerprinting, and vulnerability scans
- Experience with tools for conducting enumeration of target environment and configuration
- Experience with tools used for system hacking (e.g., password cracking), malware creation/deployment network traffic sniffers,
session hijacking, denial of service, and SQL injection
- Proven track record of conducting vulnerability assessments and delivering clear, actionable reports
- Problem-solving mentality, leveraging internal and/or external resources
- Exceptional written communication and strong verbal communication skills
- Awareness of current laws that may affect penetration testing and analysis, and in conducting a test that stays within the law
- Experience with non-technical attacks and social engineering
Schedule:
- 8 hour shift
Ability to commute/relocate:
- Makati City: Reliably commute or planning to relocate before starting work (required)
- Solid understanding of modern authentication protocols and a background in cybersecurity
- Deep understanding of cloud computing technologies
- Experience with Windows, Linux, iOS, Android
- Experience in network security: TCP/IP, DNS, proxies, firewall configuration, intrusion detection and prevention systems, IPSec and
TLS/SSL
- Experience with cryptography: symmetric and asymmetric cryptography, hashing
- Experience with tools for conducting port scans, network scans, fingerprinting, and vulnerability scans
- Experience with tools for conducting enumeration of target environment and configuration
- Experience with tools used for system hacking (e.g., password cracking), malware creation/deployment network traffic sniffers,
session hijacking, denial of service, and SQL injection
- Proven track record of conducting vulnerability assessments and delivering clear, actionable reports
- Problem-solving mentality, leveraging internal and/or external resources
- Exceptional written communication and strong verbal communication skills
- Awareness of current laws that may affect penetration testing and analysis, and in conducting a test that stays within the law
- Experience with non-technical attacks and social engineering
Schedule:
- 8 hour shift
Ability to commute/relocate:
- Makati City: Reliably commute or planning to relocate before starting work (required)
This advertiser has chosen not to accept applicants from your region.
8
Cyber Security Analyst 1 (Onsite)
Pampanga, Pampanga
Seidotech Solutions Corp.
Posted 22 days ago
Job Viewed
Job Description
About the role: As a Cyber Security Analyst – Tier 1 in the Security Operations Center (SOC), you will be the first responder for business-impacting cyber security incidents that arise in our customers' environments. Fast, effective, and courteous service is the lifeblood of our organization, and this position requires nothing less. Your technical acumen will be challenged daily. Quick thinkers who can make decisions on their feet will be successful in this job.
br>What You’ll Do: < r>- Monitor cyber security tools to identify, triage, and report security incidents to customers.
- Leverage available cyber security capabilities to contain security incidents to prevent the lateral spread of malware or lateral movement of attackers.
- Conduct cyber security investigations to identify and rule out false positive security incidents.
- Provide additional cyber security investigatory support to customers as needed.
- Work with a team of like-minded professionals to monitor customer ticket queues and triage tickets that need immediate attention. We service customers as small as 10 users, up to multi-national enterprises.
- Follow pre-defined playbooks and runbooks and collaborate with other technical resources, where appropriate.
- Monitor and process event tickets on a prioritized basis as to the customer impact and urgency of these events.
- Remain cognizant of customer service-level agreements, and strive to meet or exceed them on a regular basis.
- Participate in Incident Management by providing situational reports (sitreps) via ticket updates and/or customer-facing communications.
- Provide first level technical resolution for cyber security incidents.
- Collaborate with our Network Operations Center (NOC) as needed, to document incidents, maintenance, and problems.
- Utilize various systems management tools to monitor availability, reliability, and performance of customer environments.
- Demonstrate problem solving skills that contribute towards the resolution of any issues that arise.
- Quickly assess an issue and form an understanding of the likely root cause in unfamiliar technical environments and technologies.
- Investigate, resolve, and/or escalate matters of significance pertaining to customer alerts and events.
- Document solutions, processes, procedures and present them in writing, verbally on the phone or in-person.
- Commit to professional growth and development by maintaining and/or obtaining new industry specific certifications.
What Skills & Experience You’ll Need: < r>- Experience with monitoring and using a SIEM
Azure Sentinel preferred (Splunk, Elastic, QRadar are nice to have)
- Experience supporting and administering the following is highly desired:
> Crowdstrike (or a similar nextgen endpoint solution)
> Azure or AWS cloud environments, including compute, storage, networking basics, and backups.
> Microsoft O365
> Windows Server OS: Windows 2012 through Windows 2019, including ADDS, DNS, DHCP, DFS, file/print services, PowerShell basics.
- Networking Basics (CompTIA Network+ equivalent).
- At least one of the following industry certifications highly desired: Security+, Network+, CEH, GCIH.
- A curious disposition.
- Strong documentation, reporting, analytical and problem-solving skills.
- The ability to effectively engage in customer-facing communications.
Preferred Qualifications:
- Experience with any of the following tools: Kaseya VSA, Auvik.
- Experience working in IT enterprises that use industry frameworks such as ITIL, COBIT, or MOF.
br>What You’ll Do: < r>- Monitor cyber security tools to identify, triage, and report security incidents to customers.
- Leverage available cyber security capabilities to contain security incidents to prevent the lateral spread of malware or lateral movement of attackers.
- Conduct cyber security investigations to identify and rule out false positive security incidents.
- Provide additional cyber security investigatory support to customers as needed.
- Work with a team of like-minded professionals to monitor customer ticket queues and triage tickets that need immediate attention. We service customers as small as 10 users, up to multi-national enterprises.
- Follow pre-defined playbooks and runbooks and collaborate with other technical resources, where appropriate.
- Monitor and process event tickets on a prioritized basis as to the customer impact and urgency of these events.
- Remain cognizant of customer service-level agreements, and strive to meet or exceed them on a regular basis.
- Participate in Incident Management by providing situational reports (sitreps) via ticket updates and/or customer-facing communications.
- Provide first level technical resolution for cyber security incidents.
- Collaborate with our Network Operations Center (NOC) as needed, to document incidents, maintenance, and problems.
- Utilize various systems management tools to monitor availability, reliability, and performance of customer environments.
- Demonstrate problem solving skills that contribute towards the resolution of any issues that arise.
- Quickly assess an issue and form an understanding of the likely root cause in unfamiliar technical environments and technologies.
- Investigate, resolve, and/or escalate matters of significance pertaining to customer alerts and events.
- Document solutions, processes, procedures and present them in writing, verbally on the phone or in-person.
- Commit to professional growth and development by maintaining and/or obtaining new industry specific certifications.
What Skills & Experience You’ll Need: < r>- Experience with monitoring and using a SIEM
Azure Sentinel preferred (Splunk, Elastic, QRadar are nice to have)
- Experience supporting and administering the following is highly desired:
> Crowdstrike (or a similar nextgen endpoint solution)
> Azure or AWS cloud environments, including compute, storage, networking basics, and backups.
> Microsoft O365
> Windows Server OS: Windows 2012 through Windows 2019, including ADDS, DNS, DHCP, DFS, file/print services, PowerShell basics.
- Networking Basics (CompTIA Network+ equivalent).
- At least one of the following industry certifications highly desired: Security+, Network+, CEH, GCIH.
- A curious disposition.
- Strong documentation, reporting, analytical and problem-solving skills.
- The ability to effectively engage in customer-facing communications.
Preferred Qualifications:
- Experience with any of the following tools: Kaseya VSA, Auvik.
- Experience working in IT enterprises that use industry frameworks such as ITIL, COBIT, or MOF.
This advertiser has chosen not to accept applicants from your region.
9