SOC Analyst

5 days ago Be among the first 25 applicants About Us Thrive is an innovative technology solutions provider focused on Cyber Security, Hybrid Cloud, Global Network Management, Disaster Recovery and traditional Managed Services. Our corporate culture, engineering talent, customer‑centric approach, and focus on NextGen services help us stand out among our peers. Thrive seeks individuals who view their weekdays as opportunities to develop valuable skills that ignite their passion and lead to a career, rather than merely a job. If you are attracted to a work‑hard, play‑hard environment and desire guidance, training and experience to build a lucrative career, welcome to THRIVE Position Overview With a growing client base, Thrive is continuing to build out its security team. We are looking to hire a SOC Analyst 1 to take a role within our Security Operations Center, assisting with the continuous monitoring and improvement of our customers' security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents utilizing technology and well‑defined processes and procedures. The ideal candidate will have a passion for information security and will value what a properly managed security monitoring solution can bring to our client needs. Primary Responsibilities Perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to events from network and host‑based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases. Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform analysis of exploits. Proactively monitor and respond to known and/or emerging threats. Carry out Thrive’s information security strategy both internally and externally for 400+ clients in the northeast. Analyze data from our SOC and SIEM and determine if further analysis is needed. Work within Thrive’s security standards and best practices and recommend future enhancements. Manage our clients’ security awareness training to help their end users be as safe as possible. Analyze vulnerability scans and determine remediation steps. Stay abreast of security events and techniques to keep our clients protected. Build awareness through training and education. Qualifications Knowledge of the following systems and technologies: SIEM (Security Information and Event Management) TCP/IP, computer networking, routing, and switching IDS/IPS, penetration and vulnerability testing Firewall and intrusion detection/prevention protocols Windows, UNIX, and Linux operating systems Network protocols and packet analysis tools EDR, Anti‑virus, and anti‑malware Content filtering Email and web gateway Understanding of cybersecurity threats, and experience with incident response standards and procedures. Demonstrates comprehension of good security practices. Professional experience in a system administration role supporting multiple platforms and applications. Ability to communicate network security issues to peers and management. Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must work effectively in a team environment and collaborate with stakeholders. Computer Networking & Security skills. Vulnerability Discovery and Analysis experience. Operating System Internals knowledge. Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.). Excellent written and verbal communication skills. Knowledge of common Windows and Linux/Unix system calls and APIs. Understanding of anti‑virus concepts. Knowledge of programming languages. Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.). NOTE: Only candidates located in the Philippines and willing to work out of the Clark office should apply. Job location: Clark Freeport and Special Economic Zone, Central Luzon, Philippines #J-18808-Ljbffr