Position: SOC Analyst
Location: Cebu IT Park, Cebu City
Job Type: Full-time (Onsite/Office)
Overview
We are seeking a skilled and driven SOC Analyst to join our growing Security Operations Center. This role is critical in detecting, investigating, and responding to cyber threats affecting both internal and managed customer environments. You will work as part of a 24x7 SOC team tasked with maintaining our organization's cybersecurity resilience.
Key Responsibilities
- Monitor SIEM, SOAR, EDR, and other cybersecurity tools to identify and analyze security events.
- Proactively detect anomalies and suspicious behaviors across infrastructure and endpoints.
- Correlate data from diverse sources to uncover advanced threats.
- Investigate and respond to security events, including triage, containment, and recovery.
- Perform root cause analysis, threat attribution, and vector identification.
- Document incidents in accordance with standardized procedures and escalation protocols.
- Conduct proactive threat hunting to uncover threats that have evaded existing detections, including APT behaviors.
- Perform research on emerging threats, vulnerabilities, and TTPs (tactics, techniques, and procedures).
- Analyze threat intelligence feeds and reports to inform SOC operations.
- Develop and fine-tune detection use cases to enhance SOC effectiveness.
- Tune and maintain endpoint and network security controls.
- Work closely with SOC Engineers to enhance tool performance and coverage.
Required Qualifications
- Bachelor’s degree in Computer Engineering, Electronics Engineering, Information Technology, or a related discipline.
- Solid understanding of TCP/IP networking and common enterprise protocols.
- Moderate-level experience with SIEM, SOAR, EDR, and IR tools.
- Familiarity with IDS/IPS technologies and rule analysis.
- Working knowledge of current cyber threats including APTs, malware, and cybercrime tactics.
- Strong foundational knowledge in Operating Systems (Windows, Linux), and endpoint security controls.
- Familiarity with forensic investigation concepts and incident response methodologies.
- Comfortable working in a 24x7 operational environment (shift-based and on-call as required).
Preferred Qualifications
- Industry certifications such as CompTIA Security+, CySA+, BTL1, CEH, or equivalent.
- Basic scripting and automation using Python, PowerShell, SQL, or APIs.
- Experience in using MITRE ATT&CK for threat classification and incident analysis.
- Understanding of packet capture (PCAP) and network forensics tools.
- Experience in regulated environments (PCI-DSS, HIPAA, ISO 27001) is an advantage.
- Experience working in an MSSP or MDR environment is a strong plus.
Job Types: Full-time, Permanent
Pay: From Php20,000.00 per month
Application Question(s):
- What is your expected salary?
Education:
- Bachelor's (Required)
Work Location: In person