IT Security Specialist
3M
- Taguig City, Metro Manila
- Permanent
- Full-time
- Provide advanced Cyber Incident analysis, handling and response activity
- Work in conjunction with Security Solutions Specialists to provide feedback and requirements on security technologies including Intrusion Detection and Prevention Systems, Firewalls and Log Analysis, SIEM, Network Behavior Analysis Tools, Antivirus, Network Packet Analyzers, Malware analysis, and Forensic tools
- Create and maintain automation scripts for incident data examination
- Work with Security Solutions Specialists to identify points where incident detection or response can be further automated, or scenarios where a use case is producing false positives and needs fine-tuning
- Collaborate on Threat Hunting activities to evaluate and detect potential threat activity
- Provide digital forensic capabilities, relevant artifact identification and collection, and initial analysis
- Author Global Standard Operating Procedures and training documentation as needed
- Assist in training SOC team members
- Create and build runbooks and playbooks for incident response process
- University Degree in MIS, Computer Science/Engineering, or related field from a recognized college or university or equivalent work experience
- 2-3 years of security experience with at least 5 years of total IT background
- IT Security Operations Center environment experience (incident response) with security monitoring experience.
- Fluent in speaking and writing English.
- CISSP, SANS, InfoSec Certifications or other equivalents
- Experience performing Linux and Windows server administration
- Experience working with scripting languages such as Python
- Experience with SIEM administration and content (use cases) development
- Understanding and experience with Agile Framework
- Ability to identify and assess foreseeable internal and external risks to the security, confidentiality, and availability of information and systems using a documented process
- Experience with any of the following tools: Firewall, IPS, Email Security and/or Endpoint Protection
- Experience in Cloud technology platforms: AWS and Azure
- Experience with MSSP environment setup
- Strong problem solving, analytical, technical, and troubleshooting skills.
- Ability to interact with vendors, clients, and internal teams in a professional and articulate way via spoken and written words.
- Experience working in IT at a Global Organization