l2 soc AnalystMaersk Global Service Centres India Private Limited

Job Description
Maersk is a global leader in logistics and container shipping, with a rich history spanning over a century. We are committed to enabling global trade and connecting economies by providing reliable and efficient transportation services. Our extensive network and cutting-edge technologies empower businesses worldwide to thrive and reach new markets. With a focus on sustainability and innovation, we continuously strive to reduce our environmental impact while delivering exceptional customer service.
At Maersk, we pride ourselves on our innovative spirit, customer-centric approach, and unwavering dedication to excellence. Join us in shaping the future of global trade and make a meaningful impact on a truly global scale.
Global Cyber Security Operations Centre - New to Manila
As a Level 2 (L2) Senior Cyber Analyst in the world's largest logistics company, you'll be a key part of the Security Operations team, responsible for 24/7 cyber security monitoring. You'll assist with the delivery of operational security capabilities that enable the detection of and response to security incidents. We utilize state-of-the-art security technologies, advanced processes, and expert teams to ensure the safety of Maersk and its subsidiaries.
As a L2 Senior Cyber Analyst, you'll be the first point of contact for all cyber security issues within the organization. Your expertise will be crucial in executing the operational activities of our Security Operations Centre (SOC) and supporting the broader cyber team in effectively detecting, analyzing, responding to, and recovering from cyber security incidents.
You'll play a vital role within our incident management teams, collaborating with colleagues across the business to identify, contain, and eliminate threats that pose risks to Maersk.
We believe in providing opportunities for growth and development. In addition to supporting L1 cyber analysts during their shifts, we offer avenues for self-development and training, enabling you to progress to higher levels of leadership or technical expertise.
Working with internal and external stakeholders you will rotate around the following services:
Protective Systems Monitoring
Threat & Behavioural Analytics
Threat Hunting
Security Incident Management
Continues Improvement
Specifically your responsibilities will include, but not be limited to:
Execute operational activities within the SOC capabilities, following an agreed shift pattern. This includes protective monitoring, incident handling, and threat hunting.
Monitor security alert feeds to promptly detect, triage, and investigate security events. Classify them as incidents when necessary.
Adhere to defined procedures for escalating and handling security incidents, supporting the wider SOC team in driving timely and effective incident response and resolution.
Analyze data to conduct threat hunting and identify existing threats on the network.
Collaborate with other teams across Security Operations to continuously improve Maersk's capability to detect and respond to incidents.
Act upon feedback from L3 analysts, continuously challenging yourself and striving for growth.
Support, coach, and develop L1 analysts, including quality assessment of tickets and providing constructive feedback.
Strong communication skills, both written and verbal, to effectively engage with technical and non-technical stakeholders.
Proficient in stakeholder management and interpersonal skills, able to interact with individuals at various technical levels.
Capable of delivering rapid and concise summaries of complex situations.
Able to work autonomously or under general direction, demonstrating the ability to perform under pressure.
Skilled in managing conflicting priorities and handling multiple tasks efficiently.
You'll have exceptional critical reasoning and problem-solving abilities.
Technical Skills
Demonstrated hands-on analytical skills for examining log data and responding to common cyber incidents.
Familiarity with cybersecurity standards and frameworks such as ISO27001, NIST, CIS, OWASP, and SANS.
Desirable qualifications in IT Security, such as CISSP, CEH, GSEC, GCIH, GCIA, GMON. Training can be provided if necessary.
Strong understanding of managing and responding to security incidents within a specialized incident response team.
Extensive knowledge and understanding of Protective Monitoring, Vulnerability Monitoring, Threat Intelligence, and Threat Hunting.
Proficient in security technologies and processes.
Good awareness of current exploit techniques, vulnerability disclosures, security analysis techniques, and understanding of their potential impact if left unaddressed.
Experience you'll bring:
You'll have at least 2+ years of experience in Cyber Security Operations. This hands-on experience will be invaluable in your role.
It's important to have practical experience in Cyber Incident Response. Your ability to effectively respond to incidents will be highly valued.
If you've had the opportunity to work in a Security Operations Centre or a similar environment, that's a big plus! Your previous experience in such settings will be highly valuable as you join our team.
Having experience in protective monitoring across various technologies and tools is essential. Your expertise in this area will help us maintain a secure environment and safeguard against potential threats.
We value individuals who have a good understanding or practical experience with vulnerability and threat management. Your knowledge in this area will contribute to our proactive security measures.
If you have worked with or have hands-on experience in developing security devices like SIEM and firewalls, it's a great advantage. Your familiarity with these technologies will contribute to our overall security posture.
We understand that working in fast-paced, high-pressure environments can be demanding. If you have previous experience in such settings, it will serve as a strong foundation for success in our dynamic team.