Cyber Defence - Global SOC Level 1 Analyst
Taguig, National Capital, Philippines
WTW
Bei WTW bieten wir datengesteuerte, evidenzbasierte Lösungen in den Bereichen Mitarbeiter, Risiko und Kapital an.- Safely acquire and preserve the integrity of cyber security data required for incident analysis to help determine whether further investigation is required.
- Level 1 Analyst will be responsible in confirming that the incident is in fact a true positive requiring an investigation and potentially remediation or mitigation then escalate incidents according to the defined process.
- Triage alerts, security incidents and seeking out potential security issues through log analysis, and use of tools such as SIEM, UEBA, EDR, etc.
- Ensure timely response to any cyber incident to minimize risk exposure and production down time, including interacting with different technical teams and business areas where needed.
- Determine the type of support required, coordinate with the respective team or POC.
- Attend handover calls to support L2 in communicating handover to next shift.
- Recommend alert for tuning to minimize false positives.
- Recommend or assist L2s/L3s with creation or update of KBs, processes and runbooks
What you will need:
- You will be working as part of a 24/7 SOC across different locations and therefore you must be a true team player, with the ability and desire to engage with different internal stakeholders and colleagues to deliver the very highest standards of service and support.
- 2 - 3 Years’ Experience working as part of a mature cyber defence centre or security operations centre.
- To be effective, you need to have great troubleshooting skills, the ability to research problems and the ability to effectively communicate during stressful times, while keeping a cool, calm, and friendly approach when dealing with stakeholders and colleagues.
- Solid time management skills and be dependable.
- Hands on experience of using a SIEM, UEBA, and EDR as a Level 1 security analyst.
- Leading Investigations and comfortable talking to stakeholders and colleagues on both a technical and non-technical level.
- Great verbal and written communication skills, and the ability to write reports in a structured methodology.
- BSc/MSc in a security field or equivalent experience working within a security related function.
- To be inquisitive, with a strong sense of personal responsibility for learning and self-development.
- Being able to identify common attack techniques within the context of specific technologies.
- Working knowledge of networking protocols/technologies (e.g. TCP, IP, HTTP/HTTPS)
- Working knowledge of Unix, Linux, and Windows operating systems.
Beneficial:
- Any relevant security certifications (CompTIA Security+, GIAC GSEC (SANS 408), CEH, or industry recognized equivalent).
- Any relevant network certifications (Network +, CCNA, etc.).
- Knowledge of other key IT fields (such as Web Applications, databases, Active Directory, network security systems such as web proxies, firewalls & data loss protection).
- Exposure to attack and penetration methods and tools.
- Working knowledge of scripts, tools, or methodologies to enhance our incident investigation and processes (such as Python, PowerShell, etc.).
Equal Employment Opportunity
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
1
0
Category:
Analyst Jobs
Tags: Active Directory CEH CompTIA EDR Firewalls GIAC GSEC Linux Log analysis Network security PowerShell Python SANS SIEM SOC UNIX Windows
Region:
Asia/Pacific
Country:
Philippines
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsPenetration Tester jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsChief Information Security Officer jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSecurity Consultant jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsCybersecurity Consultant jobsSenior Information Security Engineer jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobs
SaaS jobsSDLC jobsMalware jobsEncryption jobsRMF jobsForensics jobsSQL jobsGDPR jobsIPS jobsSplunk jobsIDS jobsTop Secret jobsEDR jobsDoDD 8570 jobsTerraform jobsFinance jobsBash jobsITIL jobsOWASP jobsCRISC jobsUNIX jobsGIAC jobsCompTIA jobsIntrusion detection jobsDocker jobs
TCP/IP jobsBanking jobsThreat detection jobsSANS jobsActive Directory jobsData Analytics jobsPolygraph jobsCCSP jobsOSCP jobsClearance Required jobsVPN jobsCyber defense jobsIT infrastructure jobsAnsible jobsSOC 2 jobsJavaScript jobsDNS jobsSOX jobsSOAR jobsJira jobsGCIH jobsSecurity strategy jobsNIST 800-53 jobsOracle jobsCryptography jobs