Cyber SOC Incident Response Analyst
2 weeks ago
With a growing number of security incidents, and in order to improve the incident response process, the Security Operations Center needs to assign a Tier 1 Cyber SOC Incident Response Analyst who will be able to quickly identify the true cause of a cyber incident, determine the span of a compromise, provide practical advice to fix and prevent the threats and, if required, assist with recovering critical data and services.
Among the role's main functions, the Cyber SOC Incident Response Analyst will:
- Act as the first line of defense, handling low and medium severity security incidents.
- Escalate high severity incidents to the Tier 2 and Tier 3 Cyber Incident Response Managers, providing information from the first analysis and contributing to the resolution.
- Follow IR security standards and playbooks, properly document IR actions and coordinate IR tasks with other functions within the SOC and the rest of the organization.
Responsibilities:
Cyber Incident Response
- Respond to low and medium severity security incidents, mainly but not exclusively phishing, malware and web attack related incidents.
- Assess, triage, categorize and prioritize security incidents and escalate to higher tiers when severity is elevated.
- Derive immediate mitigation measures for containment, eradication and recovery of security incidents in line with JTI internal SLAs, and track progress.
- Coordinate incident response task forces with different IT functions and end users according to established playbooks.
- Estimate the scope of impacted assets and ensure that remediation properly addresses the whole scope identified during the Analysis stage.
- Collect malicious payloads, forensic artifacts and IOCs according to JTI SOPs for further analysis by JTI SOC personnel.
- Concisely summarize the analysis and the actions carried out during incident handling in the Review phase, and provide lessons-learned recommendations, if any.
- Provide basic malware analysis using sandboxing solutions.

Support
- Support Security Incident Managers during relevant security incidents by following their ad-hoc instructions during the incident handling.

Documentation
- Contribute to the creation, maintenance and improvement of security incident playbooks and SOPs in the scope of daily incident response activities.
- Provide support on reporting activities.

Knowledge management
- Monitor security industry trends on new threats and share knowledge with the rest of the team.
Requirements:
- 1 year of experience in information security or 2 years of experience in system or network administration.
- 1 year working within a SOC team is a plus.
- Knowledge of information security principles and best practices.
- Familiarity with tools and techniques used in incident detection and response.
- Experience with Microsoft security products is a plus, e.g. Microsoft Defender for Endpoint.
- University degree in Computer Sciences, Information Systems or a related field, or relevant experience.
- Fluent English, written and spoken.
- Reading/speaking Japanese would be useful.
- Analytical and problem-solving ability.
- Understanding of the fundamentals of operating systems and networking.
- Good understanding of EDR/XDR solutions, SIEM platforms and ticketing systems.
- Knowledge of security standards (e.g. NIST 800-61) and the MITRE ATT&CK framework.
- Ability to work under constantly changing conditions and tight deadlines.
- Communication skills and the ability to focus on both the important points and the details.
- Scripting abilities are a plus (PowerShell or Python desirable).