Security Operations Analyst

About Us

KPMG R.G. Manabat & Co. is a leading professional services firm in the Philippines, providing audit, tax, and advisory services to a wide range of clients. We are dedicated to delivering exceptional service and helping our clients achieve their goals.

About The Role

The Security Operations Analyst (Level 1) is responsible for the initial monitoring and analysis of security events, and supporting incident response activities within the Security Operations Centre (SOC). They use various security tools to detect potential threats and vulnerabilities. Their primary duties include responding to low-level security incidents, escalating more complex issues to higher-level analysts, and maintaining detailed logs of all activities. They also assist in the implementation of security measures and provide support for security-related projects. Strong analytical skills, attention to detail, and a basic understanding of network security principles are essential for this role. The Level 1 Analyst plays an important role in maintaining effective security monitoring, supporting investigations, and contributing to the overall resilience of the SOC through accurate analysis and disciplined execution.

A. Day-to-day Activity

Security Monitoring & Alert Triage

• Monitor security alerts and events across enterprise networks, endpoints, cloud platforms, and security tooling.
• Perform initial triage and analysis of alerts to determine validity, severity, and required response actions.
• Escalate confirmed or suspicious security events to Level 2 analysts in line with SOC procedures.
• Accurately document analysis, actions taken, and outcomes within incident management systems.

Incident Response Support

• Support incident investigations by collecting evidence, validating alerts, and performing defined response actions.
• Follow established playbooks and procedures during incident response activities.
• Assist with containment or remediation tasks under the guidance of senior analysts.
• Maintain clear communication with SOC peers during active incidents.

Threat Awareness & Analysis

• Develop awareness of common threat types, attack techniques, and indicators of compromise.
• Use SIEM and security tooling to identify patterns, anomalies, and potential threats.
• Support senior analysts with analysis activities as skills and experience develop.

SOC Processes & Operational Discipline

• Follow SOC processes, workflows, and shift handover practices consistently.
• Contribute to the maintenance of SOC documentation, including runbooks and incident records.
• Identify opportunities for improvement in alert quality, documentation, or processes and raise them with the team.

Learning, Collaboration & Engagement

• Actively develop technical and analytical skills through on‑the‑job learning and training.
• Collaborate effectively with SOC team members and technology stakeholders.
• Participate in knowledge‑sharing activities and lessons‑learned discussions.
• Support client and stakeholder engagement where the SOC delivers managed or advisory security services, under supervision.

B. What you'll bring to our team

Operational Contribution

• Demonstrate reliability, attention to detail, and a strong sense of responsibility when handling security alerts.
• Follow instructions, processes, and escalation pathways consistently.
• Contribute positively to SOC culture through professionalism and teamwork.

Managing Risk

• Recognise potential security risks and escalate appropriately in line with procedures.
• Support accurate identification and documentation of security events.
• Understand the importance of timely and effective response to security incidents.

Analytical & Communication Skills

• Demonstrate developing analytical and problem‑solving capability.
• Accurately document findings and actions taken during investigations.
• Communicate clearly with SOC peers and escalate issues when required.

C. Your experience and qualifications

Essential

• Bachelor's Degree in Information Technology or similar fields.
• Demonstrated interest in cyber security and security operations.
• Foundational understanding of security concepts, threats, and defensive controls.
• Basic working knowledge of SIEM tools or security monitoring platforms.
• Ability to follow defined processes and work effectively in an operational environment.
• Strong written and verbal communication skills.
• Willingness to learn and develop technical and investigative capability.

Desirable

• Previous experience in a SOC, IT operations, service desk, or technology support role.

Certifications & Training (Preferred)

• Entry‑level or foundational security certifications, such as CompTIA Security+, Microsoft Security Fundamentals (SC‑900), Microsoft Security Operations Analyst (SC-200), Microsoft Azure Fundamentals (AZ‑900)
• Completion of SOC analyst, incident response, or SIEM fundamentals training.
• Demonstrated commitment to continuous learning and professional development.