Incident Response Analyst

Job Type: Permanent (Full time)

Work Arrangement: Hybrid (8 times RTO per month. Must be amenable to render overtime, work on weekends, and/or PH holidays if needed);

Office Location: Taguig, BGC

Work Schedule: Shift (APAC: 6AM to 3PM, EMEA: 2PM to 11PM, WHEM: 10PM to 7AM (next day) Sunday to Thursday, or Monday to Friday. *Shift changes every 2 months

Summary

Our client, a leading multinational law firm, is seeking an Incident Response Analyst. In this role, you will provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems per the firm's business objectives, regulatory requirements, and strategic goals.

Key Qualifications:

• Possess a Computer Science Bachelor's Degree or substantial equivalent experience.
• At least 4-5 years of relevant experience in a Forensics background.
• Nice to have hands-on experience with: Incident Response, Threat Detection, Malware Analysis, Forensics, Incident Handling, Security Incident Management, Network Traffic Analysis, Security Orchestration, Automation, and Response (SOAR), Threat Hunting, Threat Intelligence, Endpoint Detection and Response (EDR), Vulnerability Management, Cloud Forensics, Cloud Incident Response, Security Information and Event Management (SIEM)

Special Requirements, Licenses, and Certifications (highly regarded)

• GSEC, GCIH, GCFE, GREM, OR CISSP or SSCP desired.

Key Responsibilities:

• Some professional experience in information security with a focus on incident response and forensics.
• Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody.
• Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
• Broad understanding of TCP/IP, DNS, common network services, and other foundational topics.
• Working knowledge of malware detection, analysis, and evasion techniques.
• Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behavior, and provide recommendations for mitigating and detecting malware; Able to analyze suspicious websites, script-based, and malware code.
• Experience with vulnerability management tools such as Qualys, Nessus, or other vulnerability scanning discovery tools.
• Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances.
• Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks. Implement techniques to hunt for known and unknown threats based on available threat intelligence reports and knowledge of the attacker's TTPs.
• Able to gather and analyze facts, draw conclusions, define problems, and suggest solutions.
• Maintain critical thinking and composure under pressure.
• Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English.
• Capable of assisting with the preparation of internal training materials and documentation.
• Able to be productive and maintain focus without direct supervision.
• Passionate in the practice and pursuit of IR excellence.
• Can exhibit a disciplined and rigorous approach to incident handling.
• Willing to accommodate shift-based work for a global organization.
• Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise.
• Experience with digital forensics on host or network and identification of anomalous behavior on the network or endpoint devices. Familiar with host and network-based forensic tools such as EnCase, FTK, Sleuth Kit, X Ways, etc.

How to apply:

Interested applicants may send their updated resume indicating your current and expected salary, and your availability date to start work.

*We regret that only shortlisted candidates will be contacted

All applications will be treated in the strictest confidentiality.

Job Types: Full-time, Permanent

Pay: Php60, Php79,000.00 per month

Benefits:

• Company events
• Health insurance
• Opportunities for promotion
• Promotion to permanent employee
• Work from home

Application Question(s):

• Asking/Expected Salary:

Experience:

• Incident Response Analyst: 4 years (Preferred)

Work Location: In person