SOC Analyst

As part of our continued cybersecurity expertise expansion, we are on the lookout for a SOC Analyst (IC1-G2), to join our Security Operations team located in Manila, Philippines. This role will join, support, and help drive the current SOC team, based in Europe, Canada and India, all under the direction of the Chief Security Officer.

The successful individual will take a key role in the development of our security capabilities including internal procedures, developments of our security toolsets used in capturing, analyzing, and responding to security threats and the continued growth and development of our SOC team. The primary objective will be to reduce operating risk for customers and improve our responses to security threats.

• Incident response activities, security incident investigations, and working with asset owners, stakeholders, other teams, and relevant teams to develop remediation plans.
• Investigating, documenting, and reporting on external information security threats and emerging trends.
• Overseeing of vulnerability and risk analysis for customer IT systems, enterprise applications and cloud infrastructure.
• Building automated alerting and remediation workflows for security issues.
• Development of operating procedures for teams to integrate into their daily workflows to deliver secure enterprise applications and & infrastructure at scale.
• Consulting on technical design & engineering processes for system architectures to ensure that security is a design consideration and not a feature.
• Recommending information assurance and security solutions to support product development and customer requirements.
• Driving the ongoing improvement of security processes and procedures.

Our Company

Continent 8 has powered a second digital revolution – a revolution defined by intense, instantaneous, and omnipresent computing power. We have built and secured the world’s most reliable and secure edge network. Our global footprint spans every inhabited continent, and our edge network is local to over 92% of the world’s population.

We regularly fend off some of the most sophisticated attacks in the world and our security solutions are known to provide unmatched protection. We have developed specialized expertise in regulatory environments. We help protect against cyber and political risk, ensuring that our world class network delivers high availability and throughput.

Our secure edge network is globally distributed and serves the world’s most demanding industries. The gaming and financial trading industries depend on us to process billions of dollars’ worth of transactions each day. The transportation and autonomous vehicle industries depend on us to move the world’s population. The energy and utility industries depend on us to power critical infrastructure. Organizations choose Continent 8 when they simply can’t afford to lose connectivity.

We are the Edge Infrastructure-as-a-Service provider of choice for the world’s most demanding customers.

• 3.5 + years in a Security Operations role with comprehensive experience in investigations and incident response.
• Experience working within a Security Operations Centre.
• Knowledge in using and configuring the Elastic stack (Elastic Search, Logstash, Kibana) to drive SOC operations (or equivalent SOC tech stack)
• One or more of the following certifications are highly desired: CompTIA Security+, PentTest+, EC-Council (CEH, ECIH, CHFI, CND), Cisco CyberOps, GIAC (GCED, GCIA, GCIH), ISC2 (CISSP, CSSP) or similar security certifications.
• Detailed understanding of threats, vulnerabilities, exploits, defences, security principles and policies.
• Knowledge of techniques attackers use to identify vulnerabilities, gain unauthorised access, escalate privileges and access restricted information.
• Experience analyzing event and system logs, performing packet and forensic analysis in support of intrusion analysis or enterprise-level information security operations.
• Knowledge of security practices and essential security technologies (AV, EDR, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP, IDS/IPS).
• Knowledge of information security protection/detection and authentication systems (firewalls, IDS, IPS, anti-virus, AD, AAD, RADIUS etc.).
• Knowledge of Unix, Linux and Windows administration, patch deployment and system configuration and security controls.
• Knowledge of communication protocols (HTTP, DNS, TCP/UDP) as well as the various techniques utilized by malware within an operating system for persistence and data collection.
• Practical experience with scripting languages (e.g., Python, Perl, Bash, PowerShell).
• Understanding of database systems, application system development and installation/implementation processes.
• Practical experience performing vulnerability scans, risk assessments and security assessments.
• Practical experience in the use of Tenable vulnerability assessment tool is highly desirable.
• Understanding of virtualization technologies (e.g. VMware) and cloud environments (e.g. Azure, AWS)
• Strong foundation in security domains such as web security, cloud services security, identity/access management, web application firewalls, intrusion detection, and static/dynamic application security testing.
• Experience in designing, implementing, and managing solutions to complex security and infrastructure environments.

Attributes:

• Able to effectively communicate complex technical concepts such as security vulnerabilities to people who may have little to no experience with security.
• Must have the ability to work independently at a very large scale, enterprise setting and collaborate with multiple team members.
• Detail-oriented and well-organized.
• Proactive and able to multitask effectively.
• Approachable with strong interpersonal skills.
• Adaptable and willing to learn in a rapidly changing environment.