Security Analyst (L1 Analyst)
Systems Generators Philippines
4d ago

Job Purpose

The Security Analyst works in shifts and is the first line of the SOC team. He is mainly responsible for monitoring and raising alerts whenever a potential security breach is detected by the systems used inside the SOC.

Job Role

  • Monitor external data sources (e.g., Threat Feeds, External Advisory Bodies, etc.) to maintain currency of the threat condition and determine which security issues may have an impact on the organization's services and information.
  • Use SOC tools for continual monitoring and analysis of system activity to identify malicious activity
  • Continuously monitor the SIEM events / alerts to identify any anomalies that may require further analysis.
  • Perform event correlation using information gathered from a variety of sources within the organization to gain situational awareness and determine the effectiveness of observed attacks.
  • Detect Incidents by monitoring the SIEM console, Rules, Reports and Dashboards.
  • Provide timely detection, identification, and alerts of possible attacks / intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities
  • Report the confirmed incident as per the Incident management process.
  • Notify the SOC Lead Analyst on suspected / anomaly events for further analysis.
  • Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
  • Monitor the health of the SIEM and other SOC tools and report any issues / malfunctions to the SOC SIEM Engineer.
  • Communicate and provide necessary information to external teams for timely incident resolution.

Skills

Incident management

  • Knowledge of log monitoring, analysis and correlation
  • Knowledge of incident detection, reporting and response
  • Understanding of security threats and vulnerabilities

Security Concepts

  • High-level understanding of TCP / IP protocol and OSI Seven Layer Model.
  • Knowledge of security best practices and concepts.
  • Knowledge of Windows and / or Unix-based systems / architectures and related security.
  • Intermediate level of knowledge of LAN / WAN technologies.
  • Must have a solid understanding of information technology and information security.
  • Good understanding of Defense in Depth analysis techniques.

Tool Knowledge

  • Ability to use SIEM console to create / analyze Rules, Reports and Dashboards.
  • Good knowledge of the use of common security products like Firewall, IPS, APT, Antivirus, File Integrity Monitoring, DLP, Packet Capturing, Proxy, etc.
  • Knowledge of server, network devices and diagnostic tools and fault identification techniques.

Characteristics

  • Highly result oriented and able to work independently.
  • Ability to build relationships and interact effectively with internal and external parties.
  • Good analytical, technical, written and verbal communication skills.
  • Ability to multi-task in a fast paced and demanding work environment.
  • Strong team player
  • Comfortable with high-tech work environment, and constant learning of new tools and innovations.
  • Flexibility to work all shifts, and willingness to assist the team with overtime when needed
  • Self-motivated, curious, knowledgeable pertaining to cyber security news and current events

Experience

  • Overall 2+ years’ experience working in a large-scale IT environment with focus on Information Security.
  • Minimum 2 years' experience in a SOC environment.