WTW

ICS Junior SOC Analyst *


Pay: Competitive
Location: Taguig/National Capital
Employment type: Full-Time

This job is now closed

  • Job Description

      Req#: 202202387

      The Role

      Principal Duties/Responsibilities

      • IMPORTANT: This is a shift-based role that requires working as part of a 24/7 365 Security Operations Centre. You will be required to work shifts.
      • Primary point of inception for triage and investigation of alerts and incidents reported/detected within the SOC.
      • Ensure timely response to any cyber incident to minimise risk exposure and production down time.
      • Safely acquire and preserve the integrity of cyber security data required for incident analysis to help determine the technical/operational impact, root cause(s), scope and nature of the incident.
      • Detecting emerging threats based upon analysis, data feeds and sources (internal & external intelligence sources).
      • Creating tickets within a Case management tool, for other IT functions to action resolution activities.
      • Analyse and correlate alert and log data to assist the triage and incident investigation process.
      • Assist the Seniors and Principals in maintaining SOC process documentation.
      • Provide regular updates, checks and status on the information recorded in relation to an incident.

      Communications and Relationships

      Internal:

      • With the CISO, IT Security Directors and security team; Information Security Programme Manager and project managers, Risk & Compliance, Legal, Audit, IT, Procurement and other support functions as well as operational management and client-facing teams.

      External:

      • Customers and suppliers


      Competencies

      • Expertise in Information Security
      • Organizational Agility
      • Customer Focus / Relationship Management
      • Integrity and Trust
      • Personal Learning
      • Result Focus / Energy & Drive

      Qualifications

      The Requirements

      Qualifications:

      • Hold and maintain appropriate Information Security professional qualifications, such as CompTIA Security+, GIAC GSEC (SANS 408), CEH or industry recognized equivalent.
      • The successful applicant will be able to demonstrate a commitment to personal development in the Cyber Security industry, and a genuine show of interest in Incident Response methodologies including both attack and defence capabilities.

      Skills:

      • Solid understanding of SIEM technologies.
      • Scripting and programming skills with proficiency in one or more of the following: PowerShell, Perl, Python.
      • A solid understanding of networking technologies and enterprise-wide technologies including database, operating system, web application, middleware, etc.
      • Experience with security assessment tools, including Wireshark and Sysinternals tools.
      • Proven ability to work in global collaborative group environment
      • Experience working with a high degree of autonomy, managing own workload and delivering to tight timescales
      • Strong communication skills, both oral and written.
      • Team player with good interpersonal skills.
      • Organised and methodical.
      • Willing to challenge and desire to learn
      • Ability to communicate technical concepts to nontechnical disciplines
      • Proven experience working with a Security Incident and Event Management solution as an analyst
      • Calm, organised and methodical
      • Excellent analytical problem-solving skills
      • Commercial awareness
      • Agile and responsive approach to meeting business, security and technology objectives and delivering continuous improvement

      Knowledge/Experience:
      Essential

      • Comprehensive understanding of security threats, risks and countermeasures and ability to apply in a practical context at all stages of the kill chain
      • SIEM investigations
      • Hands-on operational security experience including use of Excel, SQL, DBMS, and open-source tools, as well as shell scripting and programming languages to validate data sets produced in response to security incidents
      • Technical understanding of the concepts behind Behavioural Analytics.
      • In-depth understanding of currently supported versions of Microsoft Windows Server and Active Directory, as well as products such as SCCM and SCOM
      • Thorough understanding of technical security countermeasures and awareness of external and internal threat landscape
      • Knowledge of security standards, frameworks, regulation and legislation
      • At least 2-3 years’ experience working as part of a mature Cyber Defence Centre / Security Operation Centre function in a large enterprise

      Beneficial

      • An understanding of Firewalls, Proxies, WAF and Endpoint security controls


      Equal Opportunity Employer

  • About the company

      Willis Towers Watson Public Limited Company is an Anglo-American, Irish domiciled global multinational risk management, insurance brokerage and advisory company.
