Incident Response Analyst

14 hours ago


Quezon City, Philippines HRTX Full time

  • Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team
  • Receive, process, and resolve tickets per defined SLA's
  • Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly
  • Critically assess current practices and provide feedback to management on improvement opportunities
  • Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets
  • Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems
  • Assist with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers
  • Provide input into standards and procedures
  • Report compliance failures to management for immediate remediation
  • Maintain assigned systems to ensure availability, reliability, and integrity, including the oversight of current and projected capacity, performance, and licensing
  • Provide status reports and relevant metrics to the Security Operations Manager
  • Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors
  • Participate in special projects as needed
Qualification

Good to have Licenses, and Certifications:

GSEC, GCIH, GCFE, GREM

CISSP or SSCP desired

Education

Possess a Computer Science Bachelors Degree or substantial equivalent experience

Experience:
  • Some professional experience in information security with a Focus on incident response and forensics
  • Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody
  • Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
  • Broad understanding of TCP/IP, DNS, common network services, and other foundational topics
  • Working knowledge of malware detection, analysis, and evasion techniques
  • Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behavior, and provide recommendations for mitigating and detecting malware; Able to analyze suspicious websites, script-based and malware code
  • Experience with vulnerability management tools such as Qualys, Nessus, or other vulnerability scanning discovery tools
  • Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances
  • Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks. Implement techniques to hunt for known and unknown threats based on available threat intelligence reports and knowledge of the attacker's TTPs
  • Able to gather and analyze facts, draw conclusions, define problems, and suggest solutions
  • Maintain critical thinking and composure under pressure
  • Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English
  • Capable of assisting with the preparation of internal training materials and documentation
  • Able to be productive and maintain focus without direct supervision
  • Passionate in the practice and pursuit of IR excellence
  • Can exhibit a disciplined and rigorous approach to incident handling
  • Willing to accommodate shift-based work for a global organization
  • Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise
  • Experience with digital forensics on host or network and identification of anomalous behavior on the network or endpoint devices. Familiar with host and network-based forensic tools such as EnCase, FTK, Sleuth Kit, X Ways, etc.
Know-how
  • Demonstrates the ability to identify the real issue, and to anticipate requirements and potential consequences; distills a range of possibilities by thinking in a considered, prudent manner
  • Has the capacity to take on new ideas and develop knowledge and think holistically about business and address media, analyst, employee, and client audiences.
  • Able to move through a variety of tasks requiring different approaches, knowledge, and expertise, with the agility of mind and capacity for analysis and synthesis.
#J-18808-Ljbffr

  • Makati City, National Capital Region, Philippines ePLDT, Inc. Full time ₱900,000 - ₱1,200,000 per year

    Job Description:Security Alert TriageContinuously monitoring security alerts generated by various security tools via SecOps and messaging apps (firewalls, intrusion detection systems, etc.)Analyzing alerts to determine their severity, legitimacy (potential false positives), and potential organizational impact.Prioritizing alerts based on a predefined risk...


  • Makati City, National Capital Region, Philippines Smart Communications, Inc. Full time

    OverviewLocation: Cyber Security Operations CenterReports To: Cyber Security Incident Response Team SupervisorDivision: Cyber Security Operations GroupAre you ready to be at the frontline of cyber defense? Join our elite Cyber Security Operations Group as an Incident Response Analyst and help safeguard critical systems against emerging threats. If you're...


  • Davao City, Philippines Penbrothers Full time

    About Penbrothers Penbrothers is an HR & remote talent management partner and one of the fastest growing companies in the Philippines. We provide talented Filipinos with global opportunities in high-growth startups and dynamic companies, from the comfort of their own homes. About the Client Our client is Asia’s premier cyber emergency response team,...


  • Mandaluyong City, National Capital Region, Philippines Penbrothers Full time ₱900,000 - ₱1,200,000 per year

    About PenbrothersPenbrothers is an HR & remote talent management partner and one of the fastest growing companies in the Philippines. We provide talented Filipinos with global opportunities in high-growth startups and dynamic companies, from the comfort of their own homes.About the ClientOur client is Asia's premier cyber emergency response team,...


  • Cebu City, Philippines NCR Atleos Full time

    Overview Join to apply for the Incident Management Analyst (Executive - Incident Management) role at NCR Atleos . Location: Cebu About NCR Atleos NCR Atleos, headquartered in Atlanta, is a leader in expanding financial access. Our dedicated 20,000 employees optimize the branch, improve operational efficiency and maximize self-service availability for...


  • Quezon City, National Capital Region, Philippines APWTech Full time ₱900,000 - ₱1,200,000 per year

    QUALIFICATIONS & SKILLS:Education and Experience:Bachelor's degree in computer science, Information Technology, or a related field.At least 3 years of solid experience in IT operations (application and infrastructure), and incident management inclusive of major incidents, or a similar role.Technical Skills:Proficiency and solid experience in monitoring...


  • Cebu City, Philippines QBE Europe Full time

    Primary Details Time Type: Full time Worker Type: Employee The purpose of this role is to provide an effective and proactive response to cybersecurity incidents, protecting the organisation's assets and services. The role involves investigating a diverse set of alerts, supporting incident management processes, and adapting to changes in security operations...


  • Cebu City, Central Visayas, Philippines NCR Atleos Full time ₱400,000 - ₱1,200,000 per year

    About NCR AtleosNCR Atleos, headquartered in Atlanta, is a leader in expanding financial access. Our dedicated 20,000 employees optimize the branch, improve operational efficiency and maximize self-service availability for financial institutions and retailers across the globe.TITLE:Executive - Incident ManagementLOCATION:CebuAbout NCR Atleos CorporationNCR...


  • Makati City, National Capital Region, Philippines Trends Group, Inc. Full time ₱900,000 - ₱1,200,000 per year

    I. PURPOSEParticipate and support activities that will help improve the existing operations and operationalize new service portfolio to achieve service excellence, operational efficiency, and retention of customers.Investigate, analyze, and respond to incidents or crises within the pertinent domain to mitigate immediate and potential threats. Uses...

  • SOC Analyst

    2 weeks ago


    Quezon City, Philippines RFA, Inc. Full time

    As a member of the RFA Security Operations Center, a SOC Analyst monitors and analyzes the output from various security monitoring and scanning tools to detect malicious or anomalous activity on behalf of RFA clients. The SOC Analyst recommends actions per established procedures for the detection, containment, and remediation of cyber security incidents. The...