Data Security Analyst II
Taguig City, Philippines
Alorica
This...
The Threat & Vulnerability Management (TVM) Team sits within the SOC function and manages vulnerabilities. The Security Operations Center (SOC) is responsible for protection, detection, response, and remediation of all security alerts.
The L2 specialist will report to the TVM Team Shift Manager for all daily tasks and provide reports each week.
Responsibilities:
- Continuously monitor the Qualys Console/Pods for health status and confirm console availability.
- Perform vulnerability scans on endpoints, workstations, network assets (internal and external).
- Perform risk analysis on all vulnerabilities and confirm the requirement for action.
- Create tickets for remediation teams and escalate where & when appropriate.
- Collate Threat Intel, log events & artifacts to update the specific ticket for each alert investigation.
- Provide clear summary and handover when/if necessary, on all escalations to Team Lead or SOC Manager.
- Provide clear investigative reports when requested for analysis of specific vulnerabilities.
- Identify trends in and risks across the enterprise.
- Refer to TVM playbooks & InfoSec procedures, standards, and policies to understand the business requirements.
- Monitor the mailbox and message platforms for internal and external escalations from stakeholders.
- Manage tickets until remediation, using the escalation path to hand off where applicable to meet the SLA.
Desired Skills:
- Knowledge and/or experience with security vulnerability assessment tools: Qualys, Tenable Nessus etc.
- Network & Server technologies, OSI stack, network protocols, WAS, DAST & SAST, SDK.
- Minimum of 2 years of experience in Risk & Vulnerability Analysis
- Prior experience working within an enterprise and an understanding of IR processes; malware analysis is a bonus.
- Prior experience in SIEM technologies & security tools: QRadar, FireEye, SentinelOne, Microsoft Defender, etc.
- Ability to follow procedures and guidelines, seek clarity whenever unsure of the exact objective or requirement.
- Ability to prioritize tasks when unsupervised, ability to identify the highest risk when monitoring alerts.
- Triage of phishing emails, identifying risks, and communicating them effectively.
- Professional and technical oral and written communication.
- Collaborative team player, focused on one team, one goal.
- Should be able to cover EST business hours, Monday to Friday
Perks/benefits: Team events