Security Analyst - Level 1
- Mandaluyong, Metro Manila, Philippines
- Full time
A level 1 analyst executes operations procedures as a matter of daily responsibility. The role of a SOC analyst is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures. The level 1 analyst is responsible for monitoring the SOC situational awareness and automation systems for security events and closing or escalating those events as necessary. Level 1 analysts will maintain the group email address and distribution lists, answer the SOC main phone lines, and update all relevant documentation such as shift logs and tickets. Using the enterprise triage and response guidelines, the SOC level 1 analyst will rapidly identify, categorize, prioritize, and investigate events drawn from commonly available SOC log sources, which include:
- Firewalls and network devices
- Infrastructure server and end-user systems
- Threat intelligence platforms
- Web proxies
- Application logs and web-application firewalls
- Identity and access management systems
- Cloud and hybrid-IT provisioning, access, and infrastructure systems
- Antivirus systems
- Intrusion detection and prevention systems
Responsibilities:
- Monitor incoming event queues for potential security incidents using the Micro Focus® Security ArcSight Enterprise Security Management (ESM) tool per operational procedures.
- Perform initial investigation and triage of potential incidents, and escalate or close events as applicable.
- Monitor SOC ticket (or email) queue for potential event reporting from outside entities and individual users.
- Maintain SOC shift logs with relevant activity from the shift.
- Document investigation results, ensuring relevant details are passed to tier 2 for final event analysis.
- Update or reference SOC collaboration tool as necessary for changes to SOC process and procedure as well as ingest SOC daily intelligence reports and previous shift logs.
- Conduct security research and intelligence gathering on emerging threats and exploits.
Qualifications:
- Good analytical thinking
- Good communication skills (written, verbal, presentation)
- Knowledge of intrusion analysis
- Knowledge of information security principles
- Fluent in Windows and Linux operating systems; knowledge of networking
- Good research skills
- Knowledge of scripting (Python, Bash)
- Knowledge of regular expressions (regex)
- Works well within a team environment
- Willing to work in a 24/7 shifting schedule
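The triage loop described above (identify, categorize, prioritize, then close or escalate to tier 2) is the kind of task the scripting and regex skills in this posting are meant for. The following is an added example written for this page, not code from the employer or from the ArcSight product: a small Python triage helper that applies regex rules to constructed sample log lines from a firewall, web proxy, antivirus and IDS, then applies a hypothetical triage guideline. The allowlisted scanner address, the port-scan threshold, the priority labels and every log line are assumptions made up for the example; real guidelines would come from the SOC's own documented procedures.

```python
"""Toy L1 triage helper: regex-classify SOC log lines, then close or escalate.
All rules, thresholds and sample data below are hypothetical (constructed for
this example), not an employer's or vendor's actual guideline."""
import re
from collections import Counter
from dataclasses import dataclass

KNOWN_SCANNERS = {"10.0.9.9"}   # hypothetical authorized vulnerability scanner
SCAN_THRESHOLD = 3              # hypothetical: N+ denies from one source = port scan

# Constructed sample events in a simplified key=value format (not real data).
SAMPLE_EVENTS = [
    "2024-05-01T02:13:07Z fw01 action=DENY src=203.0.113.45 dst=10.0.0.5 dport=22",
    "2024-05-01T02:13:08Z fw01 action=DENY src=203.0.113.45 dst=10.0.0.5 dport=23",
    "2024-05-01T02:13:09Z fw01 action=DENY src=203.0.113.45 dst=10.0.0.5 dport=3389",
    "2024-05-01T02:14:00Z fw01 action=DENY src=10.0.9.9 dst=10.0.0.7 dport=445",
    "2024-05-01T02:15:30Z proxy01 user=jdoe url=http://198.51.100.20/update.exe "
    "category=malware-sites action=allowed",
    "2024-05-01T02:16:02Z av01 host=WS-0142 threat=Trojan.Generic action=quarantined",
    "2024-05-01T02:17:45Z ids01 sig='Possible SQL injection in HTTP request' "
    "src=10.0.9.9 dst=10.0.0.8 action=alert",
    "2024-05-01T02:17:50Z ids01 sig='Possible SQL injection in HTTP request' "
    "src=203.0.113.45 dst=10.0.0.8 action=alert",
    "2024-05-01T02:18:10Z fw01 action=ALLOW src=10.0.0.12 dst=93.184.216.34 dport=443",
    "corrupted line with no recognizable fields",
]


@dataclass
class Finding:
    source: str     # log source type
    category: str   # what the analyst would tag the event as
    priority: str   # "P1" (highest) .. "P4" (lowest)
    action: str     # "close" or "escalate" (to tier 2)
    reason: str     # note for the ticket / shift log
    line: str       # original event


# (rule name, compiled regex, default category, default priority); first match wins.
RULES = [
    ("proxy_malware_allowed",
     re.compile(r"^\S+ proxy\d+ .*category=malware-sites action=allowed"), "malware-download", "P2"),
    ("av_detection",
     re.compile(r"^\S+ av\d+ .*threat=(?P<threat>\S+) action=(?P<action>\S+)"), "malware", "P3"),
    ("ids_alert",
     re.compile(r"^\S+ ids\d+ .*sig='(?P<sig>[^']+)' src=(?P<src>\S+)"), "intrusion-attempt", "P2"),
    ("fw_deny",
     re.compile(r"^\S+ fw\d+ action=DENY src=(?P<src>\S+) dst=\S+ dport=(?P<dport>\d+)"), "blocked-connection", "P4"),
    ("fw_allow", re.compile(r"^\S+ fw\d+ action=ALLOW "), "routine", "P4"),
]


def classify(line):
    """Return (rule name, category, priority, match) for the first matching rule, else None."""
    for name, pattern, category, priority in RULES:
        m = pattern.search(line)
        if m:
            return name, category, priority, m
    return None


def triage(lines):
    """Apply the hypothetical guideline to a batch of lines; one Finding per line."""
    # Pass 1: correlate denied connections per source so a scan is not closed as N harmless denies.
    deny_counts = Counter()
    for line in lines:
        hit = classify(line)
        if hit and hit[0] == "fw_deny":
            deny_counts[hit[3].group("src")] += 1

    findings = []
    for line in lines:
        hit = classify(line)
        if hit is None:
            # Never silently drop what the rules do not understand: low priority, but sent for review.
            findings.append(Finding("unknown", "unparsed", "P4", "escalate", "no rule matched", line))
            continue
        name, category, priority, m = hit
        if name == "fw_deny":
            src = m.group("src")
            if src in KNOWN_SCANNERS:
                findings.append(Finding("firewall", category, "P4", "close", f"authorized scanner {src}", line))
            elif deny_counts[src] >= SCAN_THRESHOLD:
                findings.append(Finding("firewall", "port-scan", "P3", "escalate", f"{deny_counts[src]} denies from {src}", line))
            else:
                findings.append(Finding("firewall", category, "P4", "close", "single blocked connection", line))
        elif name == "av_detection":
            if m.group("action") == "quarantined":
                findings.append(Finding("antivirus", category, "P3", "close", "contained by AV", line))
            else:
                findings.append(Finding("antivirus", category, "P2", "escalate", f"{m.group('threat')} not contained", line))
        elif name == "ids_alert":
            if m.group("src") in KNOWN_SCANNERS:
                findings.append(Finding("ids", category, "P4", "close", "authorized scanner traffic", line))
            else:
                findings.append(Finding("ids", category, priority, "escalate", m.group("sig"), line))
        elif name == "proxy_malware_allowed":
            findings.append(Finding("web-proxy", category, priority, "escalate", "download from malware-category site allowed", line))
        else:  # fw_allow and other routine traffic
            findings.append(Finding("firewall", category, priority, "close", "routine", line))
    return findings


def escalations(findings):
    """Findings for tier 2, highest priority first ("P2" sorts before "P3" as strings)."""
    return sorted((f for f in findings if f.action == "escalate"), key=lambda f: f.priority)


if __name__ == "__main__":
    for f in escalations(triage(SAMPLE_EVENTS)):
        print(f"{f.priority} {f.source:10} {f.category:18} {f.reason}")
```

Two points the batch is built to show: three individually harmless firewall denies from one source become a single escalation once they are correlated, and an IDS alert that would otherwise escalate closes because its source is the authorized scanner. A line that matches no rule is escalated at low priority rather than dropped, so a gap in the rule set surfaces in the queue instead of disappearing.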