Security analyst - philippinesDigital Maelstrom

This is a remote position.
Position Overview
This position is within the cybersecurity organization at Digital Maelstrom. Candidates will work closely with other engineers, principal consultants, and various client contacts such as stakeholders, architects, business analysts, client IT personnel, and management.
Duties
Demonstrated ability to work independently, as part of a team of peers, and to support and contribute to a multidisciplinary team environment charged to secure client organizations from threats and vulnerabilities as part of a broader information security program.
Must possess strong interpersonal and English communications skills; capable of writing purchase justifications, training users/team members in complex topics, making/giving presentations.
Must be an individual of high integrity and be a model of unwavering integrity to others.
Commitment to fostering a diverse working environment.
Analyze and troubleshoot complex problems and provide technical and software solutions using a diverse mix of cutting-edge technologies.
Ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability.
Demonstrated ability to resolve issues in a variety of complex situations which require complex judgments and solutions based on sophisticated analytical thought. * Demonstrated ability to solve complex problems, convey both oral and written English instruction, and handle multiple task interruptions while providing services in a professional and courteous manner.
Proven ability to work with diverse audiences and translate technical information into non-technical information.
Strong understanding of security technologies and strategies, including but not limited to firewall, IDS, policy management, security processes/best-practice, logging/monitoring, antivirus, vulnerability assessment, patch management, and incident response.
Solid knowledge of common and emerging attack vectors, penetration methods and countermeasures.
Knowledge of conflict resolution and incident escalation.
Perform research, present analysis, and provide recommendations about systems, vulnerabilities, security controls, and recommend improvements which are consistent with business goals.
Break down complex requirements into clear, actionable tasks which can be estimated and completed.
Assist in the development, documentation, design, implementation, and testing of security controls for clients in conjunction with senior engineers
Review, triage, support, and escalate various kinds of IT related incident, support, and information request tickets
Gather, compile, and synthesize information in regard to technology, threats, vulnerabilities, threat models, processes, hardware, software, and people.
Be capable of automating tasks using programming languages with well-documented, readable, and maintainable code
Write policy, procedure, standards, guideline, and other technical documentation and about the proper implementation of sound security program elements
Review logs and other security event data for signs of cyber threats, vulnerabilities, or attacks and escalate to senior engineers
Test complicated and detailed aspects of a security posture or configuration, identify deficiencies, and recommend remediation actions
Be capable of continually improving one's own skill set relevant to business and technical missions with minimal oversight. Must take initiative, negotiate with project management, and execute successfully on plans.
Able to participate in agile team practices; reflect honestly on own performance, participate in shared team accountability, recommend changes for team improvement
Must be able to handle sensitive information with appropriate discretion according to company policies
Write manual and automated tests as part of a normal security practice.
Other duties as assigned.
Position Schedule
Monday - Friday, 8am to 5pm Eastern
Requirements
Required Qualifications
Candidate must be physically located within the Philippines and legally authorized to work. Position is contract remote work to US-based clients and companies.
Experience with Windows, Linux, macOS
Experience with Command-line programs, Shell and Shell scripting
Understanding of networking fundamentals, protocols & application behaviors as related to security matters
Experience with secure configuration, implementation of systems
A solid understanding of best practices and techniques in attacking or defending information systems
Self-motivated
Preferred Qualifications
Have experience with network and web application penetration testing and related tools (OSCP preferred), OR
Have experience with detection and SIEM tools and techniques (Sigma, Elastic Security, Microsoft Defender, etc)
Have familiarity with software development processes and experience securing custom software
Cloud experience (any of AWS, Azure, Google Cloud)
Education
Bachelor's Degree in Computer Science, Information Systems or related field; or certification in relevant programs (CISSP, CSSLP, OSCP, GPEN, GIAC, Security+, or others); or equivalent work experience
Benefits
No benefits. This position is 1099 Contractor only. Subcontracting is strictly forbidden.
Digital Maelstrom

Manila City, Metro Manila
Permanent
Full-time