SOC L2 Incident Responder
6 days ago
I. PURPOSE
Participate in and support activities that will help improve existing operations and operationalize the new service portfolio, to achieve service excellence, operational efficiency, and customer retention.
Investigate, analyze, and respond to incidents or crises within the pertinent domain to mitigate immediate and potential threats. Use mitigation, preparedness, response, and recovery approaches, as needed, to minimize the impact of an incident and preserve information security.
II. DUTIES AND RESPONSIBILITIES
- Accomplish all tasks assigned by management in a timely and effective manner, as deemed necessary for the betterment of the organization.
- Ensure effective and efficient processes are followed.
- Comply with escalation protocols.
- Report process inefficiencies and non-compliance with agreed standards and processes.
- Promote and contribute to TOC's information and knowledge repository.
- Collaborate with other teams to improve workflows, documentation, standards, and processes.
- Participate in activities promoting a harmonious working environment such as demonstrating trust and respect and practicing open communication.
- Comply with company policies, guidelines, standards, and procedures.
- Professionally represent Trends management, enriching client relationships and providing expertise, composure, and competence.
- Perform all other duties and tasks as assigned by the Shift Manager and Operations Senior Manager.
Availability Management
- Escalate availability and capacity-related issues and provide suggestions.
Capacity Management
- Ensure that resources of managed devices are within the acceptable thresholds.
- Escalate threshold breaches.
IT Service Continuity Management
- Understand your role in the Business Continuity Plan (BCP) and ensure compliance once it is executed.
Risk Management
- Report risks to people and processes needed for Operations that may impact clients, Sales Groups, and other relevant stakeholders.
Service Level Management
- Comply with processes, procedures, guidelines, and policies to ensure SLAs are met or exceeded.
Configuration Management
- Provide feedback during functional testing.
Client Support
- Triage received events and incidents, and handle cases assigned.
- Undertake immediate efforts to restore a failed service of a Managed Service client as quickly as possible.
- Handle escalations and follow-ups until resolution.
- Process Service Requests within the agreed Service Level Agreement.
- Follow best practices and applicable frameworks for Event Management, Incident Management, and Service Requests.
- Collect relevant data and create Incident and Root-Cause-Analysis (RCA) Reports.
- Participate in vendor/supplier feedback, if applicable.
Client Incident Management
- Guide Analysts in the monitoring of security events for proper categorization and prioritization, eliminating false positives and irrelevant information.
- Analyze escalated SOAR and SIEM events to respond to threats and accurately identify actionable recommendations.
- Perform fixes and solutions on incidents based on the context of the incident and documented procedures.
- Perform cyber defense trend analysis and reporting.
- Create reporting procedures and documentation requirements in line with established standards, and draft technical summaries of findings.
- Follow playbooks and procedures in the analysis, containment, eradication, remediation, and recovery from client cybersecurity and quality of service incidents.
- Update incident tickets and inform Shift Manager.
- Create RCA Reports and execute Compromise Assessment/Preventive Action (CA/PA).
Client Access Management
- Execute the client's Terms and Conditions.
Client IT Asset Management
- Ensure that clients' managed assets are accounted for, maintained, and upgraded where within scope.
- Monitor the lifecycle of clients' managed assets and provide reports and recommendations to the Client, Service Delivery Manager/s, and other relevant stakeholders.
- Report discovered risky, non-compliant, new, or broken assets.
Client Problem Management
- Provide necessary data and implement Corrective Action/Preventive Action (CA/PA).
- Comply with contractual problem management deliverables.
- Investigate the underlying causes, manage client recurring incidents, and help determine the best method to eliminate the root causes.
Process Management
- Follow documented processes of Operations.
Knowledge Management
- Update the knowledge and information pertaining to existing Clients and clients' Managed ICT assets.
- Contribute to the enrichment of the MICTS Knowledge Base and Incident Response playbooks.
Continual Service Improvement Management
- Suggest and follow new processes, and comply with and execute assigned improvement plans.
- Provide quality data and ticket content.
III. QUALIFICATIONS
A. Minimum Education
- Must be a graduate of any IT-related bachelor's degree, such as:
  - Computer Studies
  - Computer Engineering
  - Information Technology
  - Electronics Engineering
B. Minimum Experience/Training
- Have at least 1-2 years of experience in Security Operations, particularly in incident handling.
- Training and/or certifications in any of the following domains are required:
  o IT Service Management
  o IT Infrastructure (Network, Servers, Cloud, etc.)
  o Cybersecurity and/or Information Security, e.g.:
    - INE Security Certified Incident Responder (eCIR)
    - EC-Council Certified Incident Handler (ECIH)
    - GIAC Certified Incident Handler (GCIH)
    - CompTIA Cybersecurity Analyst (CySA+)
    - Certified Computer Security Incident Handler (CSIH)
Job Types: Full-time, Permanent
Benefits:
- Additional leave
- Company events
- Employee discount
- Health insurance
- Life insurance
- Opportunities for promotion
- Pay raise
- Promotion to permanent employee
- Work from home
Education:
- Bachelor's (Preferred)
Experience:
- Security: 1 year (Required)
Work Location: In person