SOC Analyst
Remote-Philippines
Ciena
Ciena is a global leader in optical and routing systems, services, and automation software.Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual’s passions, growth, wellbeing and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.
Not ready to apply? Join our Talent Community to get relevant job alerts straight to your inbox.
The Security Organization
The Security team at Ciena is a tightly knit group of skilled professionals who share the same passion for defending against cyber criminals. With the increase in volume and sophistication of cyber-crime, we are growing and have tons of exciting work planned.
Your Role
In this role, the Senior NOC Analyst will respond to and actively monitor for security events. The analyst will perform tasks including monitoring, research, classification, and analysis of security events that occur on the network or endpoint. This may require working extra hours on an as needed basis.
You will be expected to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. You need to have hands-on experience with email, endpoint, network threat detection, remediation, and threat hunting.
You should have familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, and have a working knowledge of defense in depth strategies.
You will be responsible for various activities within the security incident response lifecycle including detection, analysis, containment, eradication, recovery, and incident post-mortem reviews. You will be expected to thoroughly document their investigations and response actions within the SIEM and ticketing platform.
You will assist with development of new security alerts and tuning existing alerts for improving detection accuracy. will also be responsible for performing proactive threat hunting, vulnerability, and threat intelligence research as well as reviewing threat intelligence reports from our security partners.
Operations:
- Monitor SIEM, EDR, and other security tools for detection and identification of security events
- Document security investigations in a clear and consistent manner
- Develop new use cases for security alerts
- Tune existing use cases to improve accuracy
- Tune endpoint and network security tools as needed
- Perform threat hunting to identify potential security threats
- Perform vulnerability and threat intelligence research
- Review threat intelligence reports
- Ability to work after hours if needed
Security Event Response:
- Perform security anomaly and event detection
- Investigate, contain, and resolve security anomalies and events
- Perform threat attribution
- Identification of likely threat vector for security events and incidents
Minimum Qualifications:
- Ability to read, write, speak and understand the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straightforward, and professional manner
- Experience working with multiple SIEM, EDR, Log Aggregators, and Incident Response Management solutions
- Strong technical knowledge of Networking, Operating Systems, and enterprise integrations
- Firm understanding of the security incident lifecycle
- Thorough understanding of TCP/IP
- Understand IDS / IPS rules to identify and/or prevent malicious activity
- Basic knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence and coordinate a unified security response
- Ability to proactively perform threat hunting to identify undetected security events
- Basic knowledge of malware analysis
- Basic understanding of SQL
- Understanding of Packet Analysis (PCAP) and Packet Analysist software
Preferred Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Engineering, Information Technology, or related field.
- Candidate will possess ability to be a successful self-starter
- Understanding of Advanced Persistent Threats
- Experience with Python, PowerShell, and API programming is a plus
- Understanding of the VERIS and MITRE ATT&CK frameworks is a plus
#LI-SM
Not ready to apply? Join our Talent Community to get relevant job alerts straight to your inbox.At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard. Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination.Ciena is an Equal Opportunity Employer, including disability and protected veteran status.If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs EDR Endpoint security IDS Incident response IPS Malware MITRE ATT&CK Monitoring Network security PCAP PowerShell Python SIEM SOC SQL TCP/IP Threat detection Threat intelligence
Perks/benefits: Flex hours Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Security Consultant jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open DevSecOps-related jobs