L2 Insider Threat Analyst
1 day ago
We are seeking passionate people to grow the Cyber Security team within WTW and provide an excellent service and trusted expertise to all parts of our business. We have an exciting opening for askilled and experienced L2 Insider Threat Analyst. As part of the Cyber Defence department, this role will investigate Insider Threat and Data Loss Prevention (DLP) cases that have been escalated by our L1 Insider Threat team.
Reporting to the Global Head of Insider Threat, the L2 Insider Threat Analyst role is suited to someone who has strong Microsoft Purview DLP and Insider Risk Management (IRM) analyst experience. It is a business facing role and requires working proactively with stakeholders and colleagues to investigate Insider Threat and DLP cases. The RolePerform advanced analysis and investigation of Insider Threat and DLP alerts across the various egress channels in both on premise and cloud environments.
Analyse event/alert patterns to properly interpret and prioritise threats with available DLP and IRM tools and other data protection devices. Help Identify trends and drive requirements aimed at improving and enhancing existing DLP and IRM detection policies. Work closely with Cyber Defence teams such as the Global Security Operations Centre, as well as Legal, Privacy and HR teams if necessary, during investigations and incidents.
Prepare detailed reports on security incidents, investigations, and mitigation efforts. Contribute to the fine tuning of rules across the detection tools by highlighting pain points to the Global Head of Insider Threat and Insider Threat Engineering Manager. Contribute to the development, improvement and review of operational documents.
Secondary responsibilities:Other relevant tasks as designated by the Global Head of Insider Threat. Help coach and mentor L1 Insider Threat Analysts. Provide support to projects and initiatives that enhance Insider Risk and data protection policies and standards.
QualificationsThe RequirementIt is essential that you have in-depth experience within a Senior DLP or Insider Threat Analyst role in a global enterprise organisation. Relevant Microsoft Qualifications for Purview DLP, Defender and IRM.Excellent operational knowledge of Purview DLP, Defender and IRM.Excellent analytical and investigative skills to identify complex security issues and respond at the same level with a technical understanding of when to escalate impacting security events. Ability to identify trends and patterns in data usage behaviour.
Must possess excellent oral communication and writing skills. Must be self-motivated and capable of independent work while operating in a geographically and culturally diverse peer group. Must possess good stakeholder management skills.
Must exhibit a history of reliability and strong decision-making skills due to the trust imparted as an Insider Threat analyst. Beneficial:Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA). Industry certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Privacy Professional (CIPP).
Proficiency in using security tools and technologies such as SIEM, EDR and forensic analysis tools. Familiarity with KQL may also be beneficial for automating tasks and conducting advanced analysis. Prior experience in cyber security roles in areas such as incident response, threat detection or security operations.
Understanding of risk scoring. WTW is an Equal Opportunity Employer
-
Cyber Threat Intelligence Analyst
1 day ago
Taguig, National Capital Region, Philippines Coins Full time $90,000 - $120,000 per yearJoin the Pioneer Crypto Brand in the Philippines Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services Coins is fully regulated by the Bangko Sentral...
-
Cyber Threat Intelligence Analyst
1 day ago
Taguig, National Capital Region, Philippines Coins Full time ₱900,000 - ₱1,200,000 per yearJoin the Pioneer Crypto Brand in the PhilippinesCoins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.Coins is fully regulated by the Bangko Sentral ng...
-
Cyber Threat Intelligence Analyst
1 day ago
Taguig, National Capital Region, Philippines coins Full time $900,000 - $1,200,000 per yearJoin the Pioneer Crypto Brand in the PhilippinesCoins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.Coins is fully regulated by the Bangko Sentral ng...
-
Cyber Threat Intelligence Specialist
5 days ago
Taguig, National Capital Region, Philippines beBeeCyber Full time ₱900,000 - ₱1,200,000Key Role SummaryOur organization is seeking a skilled Cyber Threat Intelligence Analyst to strengthen our Security Operations team. In this role, you will identify, analyze, and mitigate emerging cyber threats targeting the crypto and blockchain ecosystem.ResponsibilitiesContinuously monitor and assess emerging cyber threats, vulnerabilities, and...
-
L3 SOC Analyst
1 day ago
Taguig, National Capital Region, Philippines AVENSYS Full time ₱1,000,000 - ₱1,350,000 per yearTitle: SOC AnalystLocation: TaguigWork Arrangement: Hybrid5+ Years of Cyber Security experience in a 24x7 SOC environment and handling L3 Security Issues or complex incidents (Issues that have been escalated by L2 SOC Analyst)Experienced using SIEM Tools (Splunk, Azure Sentinel etc.)Experienced in Cyber Incident Response, Security Monitoring, Malware...
-
Taguig, National Capital Region, Philippines Avature Full time $90,000 - $120,000 per yearIn this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new...
-
Competitive Intelligence Analyst
1 day ago
Taguig, National Capital Region, Philippines Netskope Full time $104,000 - $130,878 per yearAbout NetskopeToday, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have built...
-
Competitive Intelligence Analyst
1 day ago
Taguig, National Capital Region, Philippines Netskope Full time $104,000 - $130,878 per yearAbout NetskopeToday, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security.Since 2012, we have built the...
-
SOC Analyst
1 day ago
Taguig, National Capital Region, Philippines NCC Group Full time $40,000 - $60,000 per yearRole: SOC Analyst (Security Operations Center Analyst)Schedule: MidshiftThanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group. We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together...
-
Global SOC L2 Analyst
1 day ago
Taguig, National Capital Region, Philippines Willis Towers Watson Full time $60,000 - $80,000 per yearDescriptionPrincipal Duties/ResponsibilitiesInvestigate alerts, security incidents and seeking out potential security issues through log analysis, and use of tools such as SIEM, UEBA, EDR, etc. Ensure that there is a timely response to any cyber incidents to minimise the impact to the business, including interacting with different technical teams and...
