SOC L1 Analyst

I. PURPOSEParticipate and support activities that will help improve the existing service operations and operationalize new service portfolio to achieve service excellence, operational efficiency, and retention of customers.II. DUTIES AND RESPONSIBILITIESAccomplish all assigned tasks by the Team Lead in a timely and effective manner as deemed necessary for the betterment of the organization.Follow effective and efficient processes and comply with escalation protocols.Report significant events to the Team Lead and participate in shift turnovers.Contribute to the knowledge and information relevant to Service Operations.Collaborate with other team members to improve workflows, documentations, standards, and processes.Participate in activities promoting a harmonious working environment such as demonstrating trust and respect and practicing open communication.Comply with company policies, guidelines, standards, and procedures.Perform all other duties and tasks as assigned by the SOC Team Lead and Shift Manager.Availability ManagementEscalate availability and capacity-related issues and provide suggestions.Capacity ManagementEnsure that resources of managed devices are within the acceptable thresholds.Escalate threshold breaches.IT Service Continuity ManagementUnderstand Role in Business Continuity Plan (BCP) and ensure compliance once executed.Risk ManagementReport risks to people and processes needed for Operations that may impact clients, Sales Groups, and other relevant stakeholders.Service Level ManagementComply with processes, procedures, guidelines, and policies to ensure SLAs are met or exceeded.Configuration ManagementProvide feedback during functional testing.Client SupportPerform triage on received events and incidents.Handle cases assigned to the team.Process Service Requests within agreed Service Level Agreement.Undertake immediate efforts to restore a failed service of a Managed Service client as quickly as possible.Follows best practices and applicable frameworks for Events Management.Handle escalation and follow-ups until resolution.Collect relevant data to be used for Root-Cause-Analysis (RCA) Reports.Client Incident ManagementFollow playbooks and procedures in the analysis, containment, eradication, remediation, and recovery from client cybersecurity and quality of service incidents.Update incident tickets and inform Shift Manager.Provide inputs to RCA Reports created by resolver groups.Client Access ManagementEssentially executes Terms and Conditions of the client.Client IT Asset ManagementMonitors the clients' managed assets lifecycle and provides reports and recommendations to the Client, Service Delivery Manager/s, and other relevant stakeholders.Client Problem ManagementProvide necessary data and implement Corrective Action/Preventive Action (CA/PA).Comply with contractual problem management deliverables.Process ManagementFollow documented processes of Operations.Knowledge ManagementResponsible in updating the knowledge and information pertaining to existing Clients and clients' Managed ICT assets.Continual Service Improvement ManagementFollow new processes, comply, and execute assigned improvement plans.Provide quality data and ticket content.III. QUALIFICATIONSA. Minimum EducationMust be a graduate of any IT related bachelor's degree such as:o Computer Studieso Computer Engineeringo Information Technologyo Electronics EngineeringB. Minimum Experience/TrainingHave at least 1 year of working experience in a SOC Operations environment OR have undergone the TRENDS Cadetship Program.Trainings and/or certifications on any of the following domains are required:o IT Service Managemento IT Infrastructure (Network, Servers, Cloud, etc.)o Cybersecurity and/or Information SecurityC. Competency(F) - Familiar / 0-12 months(N) - Novice / 1-2 years(I) - Intermediate / 3-4 years(A) - Advanced / > 5 yearsKNOWLEDGE(F) Knowledge of cybersecurity and privacy principles.(F) Knowledge of computer networking concepts and protocols, and network security methodologies.(F) Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).(F) Knowledge of cyber threats and vulnerabilities.(F) Knowledge of specific operational impacts of cybersecurity lapses.(F) Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).(F) Knowledge of system administration, network, and operating system hardening techniques.(F) Knowledge of MITRE ATT&CK Framework and NIST SP800-61SKILL(F) Skill in using SIEM (McAfee ESM is a plus) and SOAR (Siemplify is a plus) platforms(F) Skill of identifying, capturing, containing, and reporting malware.(F) Skill to design incident response procedures.(F) Skill to collaborate with different teams and communicate thoughts and ideas.ABILITY(F) Ability to apply SOAR playbooks and SIEM correlation rules for investigating host and network-based intrusions.COMMUNICATION SKILLS(F) Speaks clearly and can be easily understood.(F) Expresses & speaks ideas in a logical and organized sequence.(F) Writes clearly, concisely, and effectively.(F) Expresses ideas in a logical and organized sequence in written form.Job Types: Full-time, PermanentBenefits:Additional leaveCompany eventsFlexible scheduleLife insuranceOpportunities for promotionPromotion to permanent employeeWork from homeEducation:Bachelor's (Required)Experience:SOC Operations environment : 1 year (Required)Work Location: Hybrid remote in Makati