l3 senior soc AnalystA.P. Moller - Maersk

Job Description
Opportunity
Maersk, a renowned logistics and container shipping company, has been at the forefront of the industry for over a century. Our mission is to facilitate global trade and foster economic connections by offering reliable and efficient transportation services. Leveraging our extensive network and state-of-the-art technologies, we empower businesses worldwide to flourish and access new markets. Sustainability and innovation are core to our values, as we continuously strive to minimize our environmental footprint while delivering outstanding customer service.
At Maersk, we take pride in our culture of innovation, putting customers at the center of everything we do, and maintaining an unwavering commitment to excellence. By joining our team, you can be part of shaping the future of global trade and make a meaningful impact on a truly global scale.
Global Cyber Security Operations Centre - New to Manila
The Role:
As a Level 3 (L3) Senior Cyber Analyst position at Maersk, (the world's largest logistics company), you'll play a vital role in ensuring round-the-clock cyber security monitoring. We utilize cutting-edge security technologies, processes, and teams of experts to safeguard our systems.
As an L3 Senior Cyber Analyst, you will be the primary point of contact for all cyber security concerns across Maersk and its subsidiaries. You'll handle the execution of cyber operational activities within our Security Operations Centre (SOC), enabling effective detection, analysis, response, and recovery from cyber security incidents. Your contributions will support the broader cyber team in maintaining a secure environment.
Your role also extends to collaborating with business incident management teams to collectively identify, contain, and eliminate threats that may affect Maersk. Together, we work towards securing our organization from potential risks.
In addition to supporting L1 and L2 cyber analysts during shifts, this role provides ample opportunities for your own professional growth and self-development. You'll have access to training programs that can elevate your skills and prepare you for leadership or technical advancement. At Maersk, we value your growth and are committed to nurturing your potential.
Working with internal and external stakeholders you will rotate around the following services:
Protective Monitoring
Threat & Behavioural Analytics
Investigative Analysis
Threat Hunting
Incident Response
Incident Management
Continuous Improvement
Project engagement
Specifically your responsibilities, will include but not be limited to:
Demonstrating technical proficiency and hands-on experience with a wide range of Cyber Security toolsets.
Conducting key incident management activities, including creating comprehensive incident timelines and providing support during response efforts.
Formulating hypotheses for threat hunting initiatives and utilizing appropriate tooling to conduct thorough investigations.
Collaborating within a team environment to develop, plan, and coordinate various aspects of the Incident Response Team, such as creating Incident Response Playbooks.
Assisting in the development of security tools, including the creation of new playbooks for the SOAR tool.
Generating requirements for fine-tuning SIEM rules to enhance detection capabilities.
Mentoring and serving as an escalation point for junior analysts, providing guidance and support.
Contributing directly to the Cyber Security Incident Response Team (CSIRT) process.
Cooperating with the Cyber Security team and other departments to effectively respond to CSIRT and emergency preparedness procedures.
Assisting in building and maintaining key relationships with Maersk Forensics, Security Operations Governance, Cyber Defence Engineering, Risk and Compliance, IT, and other critical business units.
Participating in the development, execution, and evaluation of Cyber Incident Response exercises.
Cultivating strong working relationships with key vendor partners.
Supporting SOC Managers and Leaders with ad-hoc requirements such as generating reports and conducting Root Cause Analysis.
Sharing knowledge, facilitating development, and coaching L1 and L2 analysts.
Delivering exceptional quality in Incident Response and Tickets while also reviewing and addressing the quality of L1 and L2 tickets through coaching and team member development.
The ability to handle multiple tasks and conflicting priorities effectively in a fast-paced and high-pressure setting.
Strong written and verbal communication skills that can be understood by both technical and non-technical individuals.
Stakeholder management and people skills, with the ability to interact effectively with both technical and non-technical personnel.
The ability to thrive in a collaborative work environment, where teamwork and cooperation are valued.
Exceptional critical reasoning and problem-solving skills, persisting until a solution is reached.
The capacity to deliver quick and concise summaries of complex situations.
As an expert in Incident Response, you should be able to demonstrate hands-on experience in malware analysis, log data analysis, and various techniques employed by adversaries.
It's important to have a broad understanding, but sufficient knowledge, of Threat Intelligence, Vulnerability Management, Data Privacy, Cloud, Identity, Compliance, Risk, Process, and Technologies.
Having a good grasp of cybersecurity standards and frameworks such as ISO27001, NIST, CIS, OWASP, and SANS is valuable.
Qualifications in IT Security, such as SANS Blue Team, CISSP, GCIH, GCIA, GMON, are desirable, but don't worry if you don't have them. We are open to providing training as needed.
You should possess in-depth knowledge and understanding of how to handle and respond to security incidents as part of a specialized incident response team.
A strong working knowledge and thorough understanding of Protective Monitoring, Vulnerability Monitoring, Threat Intelligence, and Threat Hunting is necessary.
It's important to have knowledge and understanding of a wide range of security technologies and processes.
Staying up to date with current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques is essential. Understanding the potential impact of these on our security posture is crucial.
At least 5+ years of experience in Cyber Security Operations.
It's important to have considerable experience in handling Incidents.
You should have experience working within a large-scale enterprise network.
If you've worked at a senior level in a Security Operations Centre or similar environments, that's a definite advantage.
We highly value exceptional understanding and experience in Threat Intelligence, vulnerability, and threat management.
Thriving in fast-paced, high-pressure environments is key to succeeding in this role.