
Penbrothers

Security Operations Center Analyst

3-5 Years
  • Posted 10 hours ago

Job Description

About Penbrothers

Penbrothers is an HR & remote talent management partner and one of the fastest-growing companies in the Philippines. We provide talented Filipinos with global opportunities in high-growth startups and dynamic companies, from the comfort of their own homes.

About the Client

At our client's cybersecurity consulting firm, we believe in defending the fundamental human rights to security and privacy. We are seeking a highly skilled and experienced SOC Analyst, Consultant to join their dynamic team.

About The Role

As SOC Analyst, Consultant you will create and maintain the safest operating environment for the client, employees and clients. You will defend network boundaries, keep computer systems and network devices hardened against attacks and provide security services to protect sensitive data (e.g., passwords and customer information). You will monitor our systems for attacks and intrusions and work to proactively identify flaws and vulnerabilities.

What You Will Do:

  • Lead the analysis of escalated incidents, assess attack scope, identify affected systems, and develop containment, eradication, and recovery plans.
  • Leverage threat intelligence feeds and IoC databases to enhance incident response and analyze adversary tactics to improve detection and prevention.
  • Act as the escalation point for confirmed incidents, collaborating with internal teams and interfacing with external stakeholders for effective resolution.
  • Use and maintain expertise in SIEM, EDR/XDR, and SOAR platforms for advanced threat detection, while optimizing tools and tuning detection rules.
  • Document the entire incident lifecycle, including root cause analysis and actions taken, and produce detailed reports with recommendations for security improvements.
  • Take ownership of complex incidents, ensuring timely resolution and effective communication with stakeholders.
  • Work closely with IT, security, and SOC engineering teams to ensure coordinated and efficient responses to incidents.
  • Review and refine response processes and detection mechanisms, contributing to continuous improvement and strengthening the organization's security posture.
  • Support the growth and development of a Managed SOC/MDR service and team (e.g., create Standard Operating Procedures, system/platform configuration and tuning, team training).
  • Participate in after-hours/on-call shifts for SOC alert escalation and response requirements.

Qualifications:

  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related discipline, or equivalent professional experience.
  • Expertise in investigating and mitigating security incidents across diverse environments, including on-premises, cloud, and hybrid infrastructures.
  • An experienced (Level 2 or 3) Analyst, looking to develop and grow a SOC service and team.
  • Strong understanding of threat intelligence integration, adversary TTPs, and the MITRE ATT&CK framework.
  • Desired Certifications: CompTIA Security+ and Cybersecurity Analyst (CySA+), ISC2 CC and SSCP, EC-Council Certified Incident Handler (ECIH), GIAC Certified Incident Handler (GCIH), and SIEM/EDR certifications (e.g., Splunk, Chronicle, CrowdStrike, SentinelOne) are a plus.
  • Advanced English (C1).
  • 3-5 years of hands-on experience in SOC operations, preferably for a SOC or MDR service provider (e.g., MSSP).
  • Proficiency with SOC technologies, including SIEM (e.g., Chronicle, Splunk, IBM QRadar), EDR/XDR (e.g., Trellix, CrowdStrike, SentinelOne, BlackPoint), and SOAR platforms (e.g., Chronicle, FortiSOAR, Splunk SOAR).
  • Experience responding to alerts related to Microsoft Office 365, Identities (Entra ID, Active Directory), Cloud (AWS, Azure), Firewalls, Endpoint security, Email security, Web security (IP, DNS Filtering).

Job ID: 135894613