Incident Response Specialist

Be #InGoodHands with Metrobank!

Here at Metrobank, we don't simply hire employees—we hone future leaders. We provide opportunities that enhance your skills and unlock your talents, helping you evolve into a well-rounded individual. We supply you with all the pieces you need to do your best work, unleashing your full potential to help you secure your future and lead a fulfilling career. And with Metrobank's strong heart for the community, you have the chance to give back and make worthwhile contributions to our nation's economic and social development. With Metrobank, a meaningful life is within your reach!

Position Title: Incident Response Specialist

Role:

• Handles higher-priority and escalated security incidents and do a more in-depth investigation.

• Design and implement strategies to resolve and recover from an incident.

• Collaborate with the rest of CTMD teams to improve the overall security posture of the bank.

Responsibilities:

• Performs in-depth investigation, forensics, root cause, and post-mortem analysis.

• Act as a point of escalation for threat analysts in support of cyber security investigations

• Performs deep dive incident analysis, determine if critical data are impacted, scope, and risks of the security incident.

• Perform containment and eradication of threats and ensure that the issue is remediated as quickly as possible.

• Determines the extent of a compromise; attributes of any malware and determination of possible data infiltrated.

• Direct and communicate remediation and recovery efforts to asset custodians.

• Provide analysis on network traffic, malware, and threat patterns.

• Provide guidance and oversight on incident resolution, containment techniques, remediation and recovery efforts.

• Leverages emerging threat intelligence to identify impacted systems and the scope of the attack.

• Document incidents from initial detection through final resolution.

• Develop and establish the incident response procedures (playbooks).

• Execute and document incident response playbook testing, simulation, and drill.

• Perform malware analysis using comparative analysis and community knowledge.

• Provides support to the Threat Hunting team and SOC Tool Specialist for new analytic methods of detecting threats.

• Work with remediation (IT Infra & Ops) teams on events and incident mitigation

• Review and understand collected metrics from monitoring systems and be aware of patterns and anomalies.

• Participate in evaluating, recommending, implementing, and troubleshooting security tools.

• Provide input to constantly improve SOC security processes, policies, procedures.

• Staying up-to-date with emerging security threats and vulnerabilities including applicable regulatory security requirements.

• Work with Incident Response Lead and SOC Manager to better security operations and address identified deficiencies.

• Other ad-hoc tasks that may be assigned by the CTMD Head.

Other Details:

Rank: Junior Officer

Location: Pasay