Security Analyst Level 3 -Threat hunting/Forensics
MicroSourcing International Inc.
Eastwood City, Philippines
4d ago

Responsibilities :

  • Performs threat hunting by identifying targetsbased on threat actors and their common tactics as well as techniques toproactively and iteratively searching through networks to detect and isolateadvanced threats that evade existing security solutions
  • Support to insider threat analysis andinvestigation in finding potential insider threat cases (misuse of ITresources, fraud, or espionage)
  • Recommends how to optimise security monitoringtools based on threat hunting discoveries.
  • Performs analysis on artifacts to determine thefull extent and ground truth of an incident by establishing a detailed timelineof events
  • Extracting malicious files from network trafficand analysing them to determine their nature. Investigate actual or suspectedinformation systems security incidents, events, or violations and report to theSOC Manager.
  • Authoring and implementing original detectioncontent for monitoring systems (IPS signatures, SIEM use cases etc) on thebasis of current threats, vulnerabilities, protocols, missions, or otherspecifics to the constituency environment
  • Updating IPS and SIEM systems with newsignatures, tuning their signature sets to keep event volume at acceptablelevels, minimizing false positives, and maintaining up / down health status ofsensors and data feeds
  • Examine the security architecture andvulnerabilities of constituents’ systems, through scans, examining systemconfiguration, reviewing system design documentation, and interviews to producea report of findings and recommended remediation
  • Conducts penetration tests on systems tovalidate resiliency and identify areas of weakness to propose improvements.
  • Respond to level 3 change and problem requestswithout supervision and lead level 1 & 2 incident recoveries and root causeanalysis.
  • Perform identification, remediation, anddocumentation of network intrusions and computer system compromises, advancemalware analysis and forensic analysis of n / w activity, disks, and memory.
  • Develop or augment prioritization process tosupport investigation and compliance tasks.
  • Lead activities for the L1 and L2s such asproactive monitoring, logging and alerting to analyze, correlate, and respondto cyber-
  • attacks, threat intelligence and ability to define Risk and ComplianceDashboards.

    Qualifications :

  • 6-7 years in IT Network or Security experience,expected to have attained at least 5+ years of Security Incident Management(SIEM) technologies related hands on experience.
  • Experience in SOC, Incident Response, MalwareAnalysis, IDS / IPS, Packet analysis / SIEM tools event monitoring, analysis& Triage process.
  • Working experience in large enterpriseenvironment with project planning skills, integrating solutions in a multi-vendorenvironment.
  • Sound understanding of IT Service Managementdisciplines in line with IT industry standards and best practices, e.g. ITILprocess experience
  • Excellent communication capabilities to providerapid and concise summaries of complex scenarios
  • Security exposure and proficiency in at leasttwo Operating Systems (Windows, Linux preferred)
  • Strong analytical and troubleshooting skillsworking in complex network and security problems
  • Why Join Us?

    MicroSourcing offers diversity in career options. We welcome individuality in self-expression without losing the value for team involvement.

    We are a fresh look at the BPO & KPO industry. Come experience the MicroSourcing life and be part of our growing family.

    Cultures and Values

    We are a fast growing company but we have always been able to keep the fun, young and intimate atmosphere from the time we started.

    We strongly believe in transparency and honesty and we always make sure to represent the interests of our employees as much as we represent the interests of our clients.

    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form