Associate - Security Operations Centre Analyst, Cyber Risk
Location : Philippines (Manila)
In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens.
Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity not just answers in all areas of business.
We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another.
As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.
The Kroll Cyber Risk, award-winning provider of managed security services is seeking an Analyst to join our Security Operations Centre (SOC).
The successful candidate will be a key member of the Security Operations Centre and provide real-time threat analysis and detection.
Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident identification and detection to full incident response we help clients of all sizes respond with confidence.
Kroll’s career training package is highly sought-after by security analysts all over the globe! We will work with you to develop an annual personal development plan, including SANS GIAC certifications (such as GCFA), unlimited access to Immersive Labs and the latest in vendor technology training.
At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges.
Apply now to join One team, One Kroll.
Carry out in-depth investigation on security events, raise incidents and support the Incident Management process with 24*7 support.
Provide remote incident response activities and advice to support customers during and immediately after security incidents.
Respond to system generated alerts, analyse logs and traffic patterns.
Maintain and improve SIEM correlation rules and Endpoint Protection detections.
Supporting multiple customer environments concurrently.
Provide analysis and trending of security log data and network traffic.
Generate customer facing security reports.
Integrate and share information with other analysts and other teams.
Other duties as assigned.
Has a passion for security and enjoys solving problems.
Experience working with SIEM and EDR systems.
Good knowledge of Cyber Security Incident Response processes & procedures.
Excellent knowledge on the fundamentals of Windows and Unix systems.
Good understanding of host forensics, memory forensics and network forensics.
In-depth knowledge of the security threat landscape.
Knowledge of various security methodologies and processes, and technical security solutions.
Knowledge of TCP / IP Protocols, network analysis, and network / security applications.
Knowledge of investigation techniques to determine security incidents.
Ability to multi-task, prioritize, and manage time effectively.
Strong attention to detail.
Excellent interpersonal skills and professional demeanor.
Excellent verbal and written communication skills.
Excellent customer service skills.
Industry standard certifications such as : CREST CRT, CREST CCT, OSCP, GCFA, GNFA, GREM / Relevant specialized degree in Cyber Forensics.
1+ years’ or more of experience as a Cyber Security Analyst or equivalent.
Bachelor's degree in related field or equivalent experience and knowledge
Prior experience actively using endpoint threat detection and response (EDR) products to investigate threats such as VMWare Carbon Black, Windows Defender ATP, CrowdStrike Falcon, Sentinel One, Trend Micro XDR, Tanium, or others.