Cyber Defence - Global SOC Level 1 Analyst

Taguig, National Capital, Philippines

WTW

Bei WTW bieten wir datengesteuerte, evidenzbasierte Lösungen in den Bereichen Mitarbeiter, Risiko und Kapital an.

View all jobs at WTW

Apply now Apply later

  • Safely acquire and preserve the integrity of cyber security data required for incident analysis to help determine whether further 
    investigation is required.
     
  • Level 1 Analyst will be responsible in confirming that the incident is in fact a true positive requiring an investigation and potentially remediation or mitigation then escalate incidents according to the defined process.
     
  • Triage alerts, security incidents and seeking out potential security issues through log analysis, and use of tools such as SIEM
    UEBA, EDR, etc.
     
  • Ensure timely response to any cyber incident to minimize risk exposure and production down time, including interacting with different technical teams and business areas where needed.
     
  • Determine the type of support required, coordinate with the respective team or POC.
     
  • Attend handover calls to support L2 in communicating handover to next shift.
     
  • Recommend alert for tuning to minimize false positives.
     
  • Recommend or assist L2s/L3s with creation or update of KBs, processes and runbooks

What you will need:

  • You will be working as part of a 24/7 SOC across different locations and therefore you must be a true team player, with the 
    ability and desire to engage with different internal stakeholders and colleagues to deliver the very highest standards of service 
    and support.
     
  • 2 - 3 Years’ Experience working as part of a mature cyber defence centre or security operations centre.
     
  • To be effective, you need to have great troubleshooting skills, the ability to research problems and the ability to effectively 
    communicate during stressful times, while keeping a cool, calm, and friendly approach when dealing with stakeholders and 
    colleagues.
     
  • Solid time management skills and be dependable.
     
  • Hands on experience of using a SIEM, UEBA, and EDR as a Level 1 security analyst.
     
  • Leading Investigations and comfortable talking to stakeholders and colleagues on both a technical and non-technical level.
     
  • Great verbal and written communication skills, and the ability to write reports in a structured methodology.
     
  • BSc/MSc in a security field or equivalent experience working within a security related function.
     
  • To be inquisitive, with a strong sense of personal responsibility for learning and self-development.
     
  • Being able to identify common attack techniques within the context of specific technologies.
     
  • Working knowledge of networking protocols/technologies (e.g. TCP, IP, HTTP/HTTPS).
     
  • Working knowledge of Unix, Linux, and Windows operating systems

 

Beneficial:

  • Any relevant security certifications (CompTIA Security+, GIAC GSEC (SANS 408), CEH, or industry recognized equivalent).
     
  • Any relevant network certifications (Network +, CCNA, etc.).
     
  • Knowledge of other key IT fields (such as Web Applications, databases, Active Directory, network security systems such as web proxies, firewalls & data loss protection).
     
  • Exposure to attack and penetration methods and tools.
     
  • Working knowledge of scripts, tools, or methodologies to enhance our incident investigation and processes (such as Python, PowerShell, etc.).

 

WTW is an Equal Opportunity Employer

Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Analyst Jobs

Tags: Active Directory CEH CompTIA EDR Firewalls GIAC GSEC Linux Log analysis Network security PowerShell Python SANS SIEM SOC UNIX Windows

Region: Asia/Pacific
Country: Philippines

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.