Cyber Defence - Global SOC Level 1 Analyst
Taguig, National Capital, Philippines
WTW
Bei WTW bieten wir datengesteuerte, evidenzbasierte Lösungen in den Bereichen Mitarbeiter, Risiko und Kapital an.- Safely acquire and preserve the integrity of cyber security data required for incident analysis to help determine whether further
investigation is required.
- Level 1 Analyst will be responsible in confirming that the incident is in fact a true positive requiring an investigation and potentially remediation or mitigation then escalate incidents according to the defined process.
- Triage alerts, security incidents and seeking out potential security issues through log analysis, and use of tools such as SIEM,
UEBA, EDR, etc.
- Ensure timely response to any cyber incident to minimize risk exposure and production down time, including interacting with different technical teams and business areas where needed.
- Determine the type of support required, coordinate with the respective team or POC.
- Attend handover calls to support L2 in communicating handover to next shift.
- Recommend alert for tuning to minimize false positives.
- Recommend or assist L2s/L3s with creation or update of KBs, processes and runbooks
What you will need:
- You will be working as part of a 24/7 SOC across different locations and therefore you must be a true team player, with the
ability and desire to engage with different internal stakeholders and colleagues to deliver the very highest standards of service
and support.
- 2 - 3 Years’ Experience working as part of a mature cyber defence centre or security operations centre.
- To be effective, you need to have great troubleshooting skills, the ability to research problems and the ability to effectively
communicate during stressful times, while keeping a cool, calm, and friendly approach when dealing with stakeholders and
colleagues.
- Solid time management skills and be dependable.
- Hands on experience of using a SIEM, UEBA, and EDR as a Level 1 security analyst.
- Leading Investigations and comfortable talking to stakeholders and colleagues on both a technical and non-technical level.
- Great verbal and written communication skills, and the ability to write reports in a structured methodology.
- BSc/MSc in a security field or equivalent experience working within a security related function.
- To be inquisitive, with a strong sense of personal responsibility for learning and self-development.
- Being able to identify common attack techniques within the context of specific technologies.
- Working knowledge of networking protocols/technologies (e.g. TCP, IP, HTTP/HTTPS).
- Working knowledge of Unix, Linux, and Windows operating systems
Beneficial:
- Any relevant security certifications (CompTIA Security+, GIAC GSEC (SANS 408), CEH, or industry recognized equivalent).
- Any relevant network certifications (Network +, CCNA, etc.).
- Knowledge of other key IT fields (such as Web Applications, databases, Active Directory, network security systems such as web proxies, firewalls & data loss protection).
- Exposure to attack and penetration methods and tools.
- Working knowledge of scripts, tools, or methodologies to enhance our incident investigation and processes (such as Python, PowerShell, etc.).
WTW is an Equal Opportunity Employer
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Analyst Jobs
Tags: Active Directory CEH CompTIA EDR Firewalls GIAC GSEC Linux Log analysis Network security PowerShell Python SANS SIEM SOC UNIX Windows
Region:
Asia/Pacific
Country:
Philippines
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Penetration Tester jobsInformation Security Specialist jobsInformation Security Officer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsSenior Cyber Security Engineer jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsPrincipal Security Engineer jobsSenior Penetration Tester jobsIT Security Engineer jobsCloud Security Architect jobsChief Information Security Officer jobsCyber Security Specialist jobsSenior Information Security Analyst jobsSecurity Specialist jobsStaff Security Engineer jobsCyber Security Architect jobsInformation System Security Officer (ISSO) jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsSecurity Operations Analyst jobsIT Security Analyst jobsSenior Product Security Engineer jobs
CI/CD jobsSDLC jobsRMF jobsEncryption jobsMalware jobsIDS jobsEDR jobsIPS jobsGDPR jobsSQL jobsSplunk jobsForensics jobsDoDD 8570 jobsBash jobsTop Secret jobsITIL jobsFinance jobsOWASP jobsUNIX jobsIntrusion detection jobsTerraform jobsCompTIA jobsCRISC jobsDocker jobsTCP/IP jobs
Active Directory jobsSANS jobsPolygraph jobsGIAC jobsThreat detection jobsClearance Required jobsData Analytics jobsBanking jobsCCSP jobsVPN jobsOSCP jobsSOAR jobsAnsible jobsGCIH jobsJavaScript jobsSOX jobsDNS jobsJira jobsArtificial Intelligence jobsHIPAA jobsOracle jobsSOC 2 jobsIT infrastructure jobsSecurity strategy jobsMITRE ATT&CK jobs