Senior SOC Analyst - SGS
Workplace: Metro Manila, Manila, Makati
Salary: Agreement
Work form: Full time
Posting Date: 21/12/2025
Deadline: 01/06/2021
Company Description
SGS is the world's leading inspection, verification, testing and certification company. SGS is recognized as the global benchmark for quality and integrity. It operates a network of over 2,000 offices and laboratories around the world.
Job Description
PRIMARY RESPONSIBILITIES
This position is responsible for working in the SGS Security Operation Centre (SOC) environment and investigating security alerts. The analyst also oversees the building and automation of SOC processes and procedures. Provides evaluation and trending of security log data from a large number of heterogeneous security devices on the SGS network. Provides Incident Response (IR) collaboration when evaluation confirms an actionable incident. Owns the remediation of high priority complex issues while managing communications to key stakeholders. Serves as the primary escalation contact for team members outside of office hours. Additional activities include Vulnerability Assessments / Pentest, SDE review, IAM and participation in POCs.
SPECIFIC RESPONSIBILITIES
Accountable for working in a 24x7 Security Operation Centre (SOC) environment in shifts.
Accountable for 3 - 4 security technologies which will require expertise to perform complex activities and will act as primary contact for projects, escalations, new updates and changes from stakeholders.
Engage new team members to learn and provide guidance in information security concepts, best practices and standard procedures.
Monitor and investigate security alerts from SIEM / log management and various security controls / tools such as Firewall, secure email gateway, endpoint security, WAF, IDS/ IPS and DLP, etc.
Provide Incident Response (IR) collaboration when evaluation confirms an actionable incident, and build rules, dashboards and reports in the SIEM.
Create automation /playbooks in SOAR platforms. Playbooks should automate the application of security hardening configurations on multiple infrastructure assets, and execute SOC procedures.
Process and manage requests for various security services, for example, corresponding to security inquiries from affiliates/ stakeholders, reviewing malicious or blocked attachments or websites, reviewing firewall change requests, performing vulnerability scans, etc.
Collaborate on technical security assessments, self-phishing and cybersecurity awareness activities.
Provide threat and vulnerability evaluation services, for example, evaluate and correspond to unknown or previously undisclosed software and hardware vulnerabilities.
Ensure that service operations best practices are being observed and applied.
Proficient with commonly used information security concepts, best practices and standard procedures; oversee collaboration as necessary for changes to processes and procedures.
Collaborate on the development of SOC processes, documentation, metrics and reporting.
Develop and suggest new Operating Procedures or changes to existing ones as needed.
Provide management reports with regard to team KPIs.
Report to IT Management and stakeholders any major incident that could significantly impact the business.
Qualifications
Bachelor's degree in Computer Science, Computer Engineering, IT Security or a related field; alternatively, equivalent demonstrated knowledge.
Highly technical, with at least 10 years of relevant experience in IT Security / IT Operations and at least 8 years' experience as a Security Analyst with global companies.
Professional certifications such as ITIL, CompTIA Security+, CompTIA CySA+, EC-Council Certified Ethical Hacker (CEH) or any equivalent product-specific / vendor-neutral certification are required.
Experience with SIEM / SOAR platforms, firewalls and intrusion detection / prevention systems and security operations.
Experience performing evaluation of log files from a variety of sources, to include host logs, network traffic logs, firewall logs, secure email gateway logs or intrusion prevention logs.
Experience with packet analysis (Wireshark) and malware analysis preferred.
Strong knowledge of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain evaluation and security metrics.
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
Knowledge of general attack stages (e.g. footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation and covering tracks).
Knowledge of system and application security threats and vulnerabilities (e.g. buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language (PL/SQL) and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Knowledge of network protocols (e.g. Transmission Control Protocol and Internet Protocol, Dynamic Host Configuration Protocol) and directory services (e.g. Domain Name System).
Knowledge of how traffic flows across the network (e.g. Transmission Control Protocol and Internet Protocol, Open System Interconnection model, Information Technology Infrastructure Library).
Knowledge of common network tools (e.g., ping, traceroute, nslookup).
Knowledge of cyber defense policies, procedures, and regulations.
Knowledge of the common attack vectors on the network layer.
Knowledge of host/network access controls (e.g. access control lists).
Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
Attention to detail and strong communicator.
Other Info
Makati City, Metro Manila
Permanent
Full-time