SOC Analyst enhancing cybersecurity operations for a global security team based in Manila, Philippines. Responsible for incident response, threat analysis, and process improvement.
Responsibilities
Incident response activities and security incident investigations, working with asset owners, stakeholders and other relevant teams to develop remediation plans.
Investigating, documenting, and reporting on external information security threats and emerging trends.
Overseeing vulnerability and risk analysis for customer IT systems, enterprise applications and cloud infrastructure.
Building automated alerting and remediation workflows for security issues.
Development of operating procedures that teams integrate into their daily workflows to deliver secure enterprise applications and infrastructure at scale.
Consulting on technical design and engineering processes for system architectures to ensure that security is a design consideration from the start rather than a feature added afterwards.
Recommending information assurance and security solutions to support product development and customer requirements.
Driving the ongoing improvement of security processes and procedures.
Requirements
3.5+ years in a Security Operations role with comprehensive experience in investigations and incident response.
Experience working within a Security Operations Centre.
Experience using and configuring the Elastic stack (Elasticsearch, Logstash, Kibana) to drive SOC operations (or an equivalent SOC technology stack).
One or more of the following certifications are highly desired: CompTIA Security+, PenTest+, EC-Council (CEH, ECIH, CHFI, CND), Cisco CyberOps, GIAC (GCED, GCIA, GCIH), ISC2 (CISSP, CSSP) or similar security certifications.
Detailed understanding of threats, vulnerabilities, exploits, defences, security principles and policies.
Knowledge of techniques attackers use to identify vulnerabilities, gain unauthorized access, escalate privileges and access restricted information.
Experience analyzing event and system logs, performing packet and forensic analysis in support of intrusion analysis or enterprise-level information security operations.
Knowledge of security practices and essential security technologies (AV, EDR, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP, IDS/IPS).
Knowledge of information security protection/detection and authentication systems (firewalls, IDS, IPS, anti-virus, AD, AAD, RADIUS etc.).
Knowledge of Unix, Linux and Windows administration, patch deployment and system configuration and security controls.
Knowledge of communication protocols (HTTP, DNS, TCP/UDP), as well as the techniques malware uses within an operating system for persistence and data collection.
Practical experience with scripting languages (e.g., Python, Perl, Bash, PowerShell).
Understanding of database systems, application system development and installation/implementation processes.
Practical experience performing vulnerability scans, risk assessments and security assessments.
Practical experience in the use of Tenable vulnerability assessment tool is highly desirable.
Understanding of virtualization technologies (e.g. VMware) and cloud environments (e.g. Azure, AWS).