senior monitor and analysis AnalystCiena

Since 1992, Ciena has been driven by a relentless pursuit of network innovation. We believe in a network that grows smarter, more agile, and more responsive every day. This means that when you digitally interact in your world - picking up the phone, streaming video, texting a friend or loved one - your interactions are being enabled by Ciena technologies. Ciena makes your social / entertainment / business existence REAL.
No candidate will meet every single desired qualification. If your experience looks a little different from what we've identified below and you think you can bring value to the role, we'd love to learn more about you!
The Security Organization
The Security team at Ciena is a tightly knit group of skilled professionals who share the same passion for defending against cyber criminals. With the increase in volume and sophistication of cyber-crime, we are growing and have tons of exciting work planned.
Your Role
In this role, the Monitoring & Analysis (M&A) analyst will respond to and actively monitor for security events. The analyst will perform tasks including monitoring, research, classification, and analysis of security events that occur on the network or endpoint. This may require working extra hours on an as needed basis.
The M&A Analyst will be expected to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. He/she needs to have hands-on experience with email, endpoint, network threat detection, remediation, and threat hunting.
The M&A Analyst should have familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, and have a working knowledge of defense in depth strategies.
The M&A Analyst will be responsible for various activities within the security incident response lifecycle including detection, analysis, containment, eradication, recovery, and incident post-mortem reviews. The M&A analyst will be expected to thoroughly document their investigations and response actions within the SIEM and ticketing platform.
The M&A Analyst will assist with development of new security alerts and tuning existing alerts for improving detection accuracy. The M&A Analyst will also be responsible for performing proactive threat hunting, vulnerability, and threat intelligence research as well as reviewing threat intelligence reports from our security partners.
Operations:
Monitor SIEM, EDR, and other security tools for detection and identification of security events
Document security investigations in a clear and consistent manner
Develop new use cases for security alerts
Tune existing use cases to improve accuracy
Tune endpoint and network security tools as needed
Perform threat hunting to identify potential security threats
Perform vulnerability and threat intelligence research
Review threat intelligence reports
Ability to work after hours if needed
Security Event Response:
Perform security anomaly and event detection
Investigate, contain, and resolve security anomalies and events
Perform threat attribution
Identification of likely threat vector for security events and incidents
Minimum Qualifications:
Ability to read, write, speak and understand the English language to communicate with employees, customers, suppliers, in person, on the phone, and by written communications in a clear, straightforward, and professional manner
Experience working with multiple SIEM, EDR, Log Aggregators, and Incident Response Management solutions
Strong technical knowledge of Networking, Operating Systems, and enterprise integrations
Firm understanding of the security incident lifecycle
Thorough understanding of TCP/IP
Understand IDS / IPS rules to identify and/or prevent malicious activity
Basic knowledge of forensic methodologies and best practices to investigate intrusions, preserve evidence and coordinate a unified security response
Ability to proactively perform threat hunting to identify undetected security events
Basic knowledge of malware analysis
Basic understanding of SQL
Understanding of Packet Analysis (PCAP) and Packet Analysist software
Preferred Qualifications:
Bachelor's degree in Cybersecurity, Computer Engineering, Information Technology, or related field.
Candidate will possess ability to be a successful self-starter
Understanding of Advanced Persistent Threats
Experience with Python, PowerShell, and API programming is a plus
Understanding of the VERIS and MITRE ATT&CK frameworks is a plus
Being You @ Ciena
As part of our commitment to diversity and inclusion, we want to foster an environment that values and respects all individual's strengths, perspectives, ideas, and ability to meet the needs of our customers globally. Ciena values the diversity of its workforce and respects its employees as individuals, regardless of race, ethnicity, religion, gender, age, national origin, disability, sexual orientation, veteran or marital status or any other category protected by applicable law. We do not tolerate any form of discrimination. Ciena is also committed to compliance with all fair employment practices regarding citizenship and immigration status. If contacted in relation to a job opportunity, you should advise Ciena in a timely fashion of the specific accommodation measures required for you to be assessed in a fair and equitable manner.
We do not charge any fee for employment and the same applies to the Recruitment Partners we work with. Additionally, we do not ask for any refundable security deposit to be paid in bank accounts for employment purposes. We request candidates to be cautious of misleading communications and not pay any fee/ deposit to individuals/ agencies/ employment portals on the pretext of attending Ciena's interview process or seeking employment with us.
Ciena

Manila City, Metro Manila
Permanent
Full-time