Security Threat Analyst
Taguig, Philippines
Metrobank
Metrobank gives meaning to your financial journey with its broad range of products and services. Start your journey to meaningful banking now.
Job Summary:
Entry-level position in the SOC team. A triage specialist whose responsibility is to review real-time event data, monitor the alert queue on a rotating 24 x 7 x 365 basis, and determine the relevance and urgency of threat alerts. Performs initial analysis of and response to incidents. Monitors the health of security sensors and endpoints, keeping abreast of intelligence from the IT security community and other industry sources. Conducts asset discovery and vulnerability scanning, and tracks and monitors remediation efforts, including report preparation.
Specific Duties & Responsibilities:
- Continuously monitor security events from the various SOC log sources and analyze threat alerts to determine their relevance and urgency (triaging).
- Monitor the health of security sensors and endpoints.
- Perform system/network inventory and validation and log collection; investigate threat alerts to reach the root cause and respond to incidents/threat alerts.
- Prepare alert tickets, collect alert information, follow incident playbooks, and provide the context of an incident to the L2 analyst for further investigation and resolution.
- Run vulnerability scans and review vulnerability assessment reports.
- Manage security monitoring tools, enroll log sources, and provide input on tuning and optimizing security systems.
- Develop and implement security event and threat detection logic (use cases).
- Provide input to continuously improve SOC security processes, policies, procedures, and incident response playbooks.
- Stay up to date with emerging security threats and vulnerabilities, including applicable regulatory security requirements.
- Other tasks that may be assigned.
Tags: Incident response Monitoring SOC Threat detection Vulnerabilities Vulnerability scans
Perks/benefits: Team events