Brief
CC.Talent is in search of an experienced SOC Analyst Tier 2 who will be responsible for in-depth analysis and response to security incidents. The role involves monitoring, detection, investigation, and resolution of complex security events, as well as providing guidance and support to Tier 1 analysts. The Tier 2 analyst also contributes to the development of incident response procedures and the improvement of the overall incident detection and response capabilities within the SOC.
Client Details
Our client operates managed services (24/7) for organizations of any size lacking the resources or expertise to establish a security operations center (SOC). With a team of highly skilled dedicated security specialists, they ensure swift threat detection, response, and remediation across all levels.
Responsibilities
Incident Detection and Response:
Monitor security alerts from various detection systems (SIEM, IDS/IPS, antivirus, etc.).
Conduct in-depth analysis of security incidents and perform thorough investigations.
Document and escalate incidents following the established procedures.
Manage and respond to security incidents in coordination with relevant teams.
Monitoring and Analysis:
Continuously monitor security events and alerts.
Analyze logs and network traffic to identify unusual and potentially malicious activity.
Perform root cause analysis to determine the source of security incidents.
Maintain up-to-date knowledge of the threat landscape and emerging cybersecurity threats.
Support and Collaboration:
Provide guidance and support to Tier 1 analysts, assisting with complex incident analysis and troubleshooting.
Collaborate with other IT and security teams to correlate events and enhance detection capabilities.
Coordinate with external threat intelligence teams to integrate new threat information into monitoring tools.
Incident Response Improvement:
Contribute to the development and improvement of incident response procedures and playbooks.
Participate in post-incident reviews to identify improvements and lessons learned.
Recommend process improvements and tools to enhance security monitoring and incident response.
Documentation and Reporting:
Maintain detailed and accurate documentation of incidents and investigations.
Produce reports on incidents and security trends for management and stakeholders.
Ensure incident response documentation is current and comprehensive.
Knowledge Development:
Stay current with the latest cybersecurity trends, tools, and technologies.
Participate in ongoing training and certification programs.
Share knowledge and best practices with the SOC team.
Qualifications
3+ years of experience in information security, with a focus on security operations and incident response.
Strong understanding of security technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection.
Proven experience with incident detection, analysis, and response.
Familiarity with common threat analysis frameworks and methodologies.
Industry certifications such as CEH, GCIH, GCIA, or equivalent are highly desirable.
Excellent analytical, problem-solving, and communication skills.
Ability to work independently and as part of a team in a fast-paced environment.
Good communication skills in both spoken and written English.
Must be willing to work from the office in Pasay in a 24/7 shifting schedule.
Bachelor's Degree in Computer/Telecommunication, Mathematics, Science & Technology, or equivalent.