Security Analyst - PH
About the Role
As a Security Analyst, you will be responsible for using the tools defined by our team to identify advanced threats, and then track and mitigate them before organizational IT systems are compromised. Advanced threats may account for up to 10% of cyber threats, and not all of them are detected by SOC tooling alone; Security Analysts are needed for exactly that purpose.
A Security Analyst continuously detects, analyzes, and combats advanced threats. The role also includes identifying vulnerabilities and mitigating the associated cybersecurity risk before it affects the organization.
In this role, you'll get to
Organize and analyze the collected data to determine trends in the organization's security environment.
Make predictions about future threats and eliminate current vulnerabilities.
Review, administer, track, and escalate potential threats, including recurring ones, generated by the various detection sources.
Evaluate, suggest ideas for, and improve the current operational security processes, orchestration and response platforms, and report generation, using automation to improve operational efficiency.
On day one, we'll expect you to
Have at least 1 year of experience in incident response, security operations, malware analysis, threat hunting, or developing custom detections for a variety of security appliances.
Have at least 1 year of experience with threat intelligence models and their application to threat hunting.
Have programming/coding experience.
Possess effective oral and written communication, issue resolution, and negotiation skills, along with critical thinking and troubleshooting skills with a focus on analytical capability.
Have basic working knowledge of some of the following:
Security Information and Event Management (SIEM) tools: these collect and analyze security event data from multiple sources to identify potential threats.
Network Traffic Analysis (NTA) tools: these analyze network traffic to identify and investigate potential security threats such as malware, unauthorized access, and data exfiltration.
Endpoint Detection and Response (EDR) tools: these detect and respond to threats on individual endpoints such as laptops, desktops, and servers.
Threat intelligence platforms: these provide timely information on emerging threats and trends to help organizations defend proactively.
Vulnerability scanners: these scan networks and systems for known vulnerabilities that attackers could exploit.
Deception technologies: these create decoys, honeypots, and other fake assets to lure attackers and alert security teams to potential threats.
Forensic analysis tools: these help security professionals investigate incidents and determine the root cause of a breach.
Have a stable, high-speed internet connection (>100 Mbps).
Have a fully functional and up-to-date computer with which to perform your duties.
Be willing to install next-generation endpoint protection on that computer.
Be a current resident of the Philippines and able to perform the work from there.
Be willing to work US Pacific Time hours (8:00 am to 5:00 pm PST, which corresponds to 12:00 midnight to 9:00 am Philippine time).
Nice to have
In-depth knowledge of SpiderFoot HX or recon-ng.
At least a working knowledge of the cyborg-hawk platform.
An understanding of common DAST tools such as Burp Suite.
This is a remote (work from home) position.