Security Analyst - Cyber Security
The Programme
The role is to provide an effective and proactive response to cybersecurity-related events and incidents to protect QBE’s assets and services.
In addition, the role will support business stakeholders in the event of a security incident, and support incident management and escalation processes to the appropriate incident management teams.
We are looking for Tier 1 level support that will investigate a diverse set of alerts.
The role should adapt to any changes in security operations to comply with various business requirements.
Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc.) to investigate suspicious events.
What You Will Do
- Proactively monitor and respond to suspicious or true positive incidents across our security platforms.
- Perform initial incident analysis of various security alerts by analyzing and investigating security-related logs harvested from various security signals.
- Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage.
- Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels.
- Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE.
- Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts.
- Perform ad-hoc tasks and complete goals relating to ongoing projects and initiatives.
- Generate reports and provide insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.
Required Skills and Abilities
- Bachelor's degree in computer science, programming, or IT-related field.
- Fresh graduates are welcome to apply.
- The ability to work in a fast-paced and time-sensitive role.
- Be able to communicate effectively and update various stakeholders globally.
- Proactive, analytical, and able to solve complex investigations.
- Understanding of known threat actors, techniques, and procedures that modern attackers use to compromise organizations.
Advantageous, but not required, knowledge and skills:
- 1-2 years of relevant security experience performing similar duties in a Security Operations Centre, Cybersecurity, or other IT-related fields.
- Advanced training or certifications (e.g., ISC2, ISACA, SANS, Azure, etc.)
- Knowledge of security solutions and technologies like Windows, Linux, IPS/IDS, Firewalls, Email gateways, proxy technologies, cloud solutions, endpoints, and mobile devices.
- Be able to perform correlations and analytics with diverse types of logs, i.e., network, Active Directory, database, DNS, firewall, proxy, host-based security, cloud, and application logs.
About Us:
We are an international insurer and reinsurer offering a diverse portfolio of commercial, personal and specialty products, as well as risk management solutions.
Our product portfolio includes property, motor, crop, energy, marine and aviation.
We employ a team of around 13,000 people in 27 countries around the world.
- Job type: Graduate Jobs
- Disciplines: Cyber Security
- Citizenships:
- Locations: Manila
- Closing Date: 11th Apr 2024, 6:00 pm