SOC Analyst (Cybersecurity)
Job description
TL;DR
SOC Analyst (Cybersecurity): Monitoring and triaging security alerts within a 24/7 operations center, with an emphasis on log analysis and incident escalation. Focus on identifying suspicious behavior using SIEM tools, analyzing diverse telemetry, and applying the MITRE ATT&CK framework to mitigate threats.
Location: Bonifacio Global City, Taguig City, Philippines. Ability to commute or relocate as required.
Company
provides an end-to-end cyber resilience platform blending AI-powered capabilities to help businesses manage, secure, and recover.
What you will do
- Monitor and triage security alerts using Adlumin SIEM and other SOC tools.
- Analyze logs from network, IAM, endpoints, and cloud activity to identify suspicious behavior.
- Conduct initial investigations of security events to assess impact and determine escalation needs.
- Escalate validated incidents to Tier 2 following established SOPs and playbooks.
- Document investigation findings and maintain detailed case notes for reporting.
- Collaborate with the team to support 24/7 SOC operations and improve threat detection.
Requirements
- 2-3 years of experience as a Security Operations Analyst in a SOC environment.
- Proficiency in log telemetry analysis across Windows, Linux, network, email, EDR, and cloud environments.
- Knowledge of the MITRE ATT&CK framework and living-off-the-land techniques.
- Cybersecurity-related degree or certifications (e.g., CompTIA Sec+ or DoD 8570/8140).
- Ability to commute or relocate to the job location in the Philippines.
Culture & Benefits
- Medical and dental insurance.
- Generous PTO and observed holidays.
- Employee Stock Purchase Program and company-contribution pension.
- Monthly allowances for onsite pantry and internet.
- Custom learning experiences through N-ablite Learning.
- Two paid volunteer days per year.