IT - Security Operations Center (SOC) Engineer Lead

About Security Bank

We are the Philippines’ largest independent bank, having won countless awards over the years including the most prestigious industry award in both 2015 and 2016—the Bank of the Year – Philippines by The Banker.

We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered.

Now, with more than 300 branches spanning the country, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.

In our constant pursuit of excellence and improvement, we create teams that support our business and each other.

The Role

As an IT - Security Operations Center (SOC) Engineer Lead, you will be responsible for coordinating with all stakeholders on matters related to cybersecurity. You will be responsible for monitoring Managed Security Service Provider and Technical Account Manager to ensure SLAs are met. You will work together with IT Forensic Officer on cybersecurity incidents related.

How you'll contribute

• Develops and implements cybersecurity implementing guidelines and standards.
• Assists the ITSecOps Head in the monitoring of implemented controls, tools, and programs to ensure compliance with the Cyber Security Framework.
• Collaborates with the Incident Response Team and Remediating Team on escalations and investigations.
• Enforces the implementation of playbook and SOC processes.
• Point of contact (POC) of Managed Security Services – SOC Technical Account Manager (MSS – SOC TAM).
• Reviews reports submitted by MSS – SOC TAM
• Supports and assists MSS – SOC TAM to ensure accuracy of information received.
• Monitors and reviews Managed Security Services Provider and MSS SOC TAM deliverables to ensure that they are complying with their agreed SLA.
• Conducts study, researches, and explores new cybersecurity threats, trends, and technologies
• Identifies problematic areas, recommends, and implements strategic solutions
• Ensures all security logs sources are sending security logs in SOC platform based on best practices
• Supports the development of security processes and procedures by validating report findings to reduce false positives, use of tools to automate the review process, and recommending technology upgrade opportunities for the unit and/or division.

What we’re looking for:

• Bachelor's Degree in Business Management or related majors
• Preferably with certifications in any of the following: First Responder: Threat Detection and Response, Security+, CISSP, GIAC
• At least 5 years of experience in Cyber Security Alerts, Events, and Incidents Management
• A high degree of organizational & analytical skills.
• Flexible and capable of taking on multiple tasks and meeting tight deadlines
• Self-motivated and result-oriented, driving projects to meet the designated schedule
• Excellent interpersonal communication & presentation skills.
• Proficient in both oral & written communication.
• In-depth experience in performing security investigations across different platforms including OS, networks, cloud, messaging, etc.
• High-level knowledge of cybersecurity attack and defense techniques.
• Experience working with cloud cybersecurity tools
• In-depth experience working with various security tools including SIEM, EDR, AV, forensics, firewalls, cloud, etc.
• Experience coordinating with multidisciplinary groups and stakeholders when managing or investigating security incidents

#LI-MY1

#LI-Hybrid