Angeles, Central Luzon, Philippines

Information Security Analyst

 Job Description:

Employment: Freelance

Company Base: US

Hours of Work: GY, 40hrs/week

Location: PH - Permanent WFH

Workstation: Equipment Provided

Benefits:

  • 13th Month Pay
  • Competitive Salary (USD Based)
  • Permanent WFH 
  • Professional Growth and Training
  • Supportive Work Environment

GENERAL DESCRIPTION

We are seeking talented and experienced Analysts to join our growing Security Team. Candidates will primarily work from home, however occasional dispatch may be required for client-facing meetings, presentations, and consultations.

2-4 years of experience working in an Information Security capacity is required for this position with demonstrated working knowledge of Information Security standards as applicable to common frameworks, requirements, and best practices. The ability to communicate effectively with clients and team members and work efficiently to resolve time sensitive issues is a must.

An Information Security Analyst must complete projects on time and work within deadlines, and have the ability to adjust to ever-changing client needs and scenarios.

Basic Scope and Function:

As an Information Security Analyst with us, you will be part of the Security Team triaging events and incidents as they are reported. You will be monitoring infiltration attempts, looking for patterns and root cause to ensure infiltration attempts and compromises are identified and remediated in a timely manner. You will identify attack patterns and advise our team and clients how best to defend themselves against targeted attacks. Your expertise will be an integral part of our all-encompassing Cybersecurity Management deliverable. You be working closely with team members and clients in various locations across the US and overseas and will fulfill the role of subject matter expert, advising upon the on the most effective approach to security, and continuously developing and helping to implement this approach. As an Information Security Analyst, you will be responsible for Security Auditing, Penetration Testing (Internal & External), Compliance auditing and implementation, among other duties, under the guidance of the Information Security Officer. 

Due to the nature of the work, you may be required to fulfill on-call, incident response duties at night and on weekends. Additional work hours may also be required during an incident remediation.

RESPONSIBILITIES AND DUTIES

  • Continuously monitor assets and respond to active threats affecting our client and internal systems
  • Detect, report, assess, and respond to information security incidents.
  • Monitor and analyze data flow to identify and block malicious behavior and activities
  • Participate in investigations towards identifying root cause for security events, evaluating anomalous activity, and tuning for frequent false positives.
  • Participate in the design and execution of vulnerability assessments and security audits.
  • Participate in the management of the employee awareness campaigns for both our staff and clients, to include phishing simulations and awareness training.
  • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
  • Document best practices with the Cybersecurity and Operations staff using available collaboration tools and workspaces.
  • Develop and maintain both internal and client-facing documentation and procedures for reviewing and enforcing end-to-end client security and compliance.
  • Anticipate new security threats and stay-up to date with evolving infrastructures.
  • Provide timely, detailed, and complete reports on security events and incidents to leadership.
  • Provide some after-business hours support in response to security alerts and investigations.
  • Perform other duties and tasks as assigned.

SPECIFIC SKILLS

  • Strong problem-solving and analytical skills.
  • Excellent customer service skills, including understanding how to de-escalate, how to soothe and how to deliver the most efficient solution.
  • Strong communication skills, both verbal and written.
  • Strong familiarity with Windows desktop and server operating systems.
  • Strong familiarity with Microsoft Office 365 and Azure Active Directory support and implementation.
  • Strong understanding of networking concepts, familiarity with routers, firewalls, access points, IDS/IPS and VPN.
  • Familiarity with Email threat protection tools and concepts.
  • Familiarity with RMM and asset management tools are a big plus.
  • Understanding of tools and processes used in security monitoring and incident response
  • Experience with Endpoint Detection & Response (EDR) tools
  • Ability to understand vulnerabilities at a technical level and capable of recommending and effectively communicating mitigation strategy
  • Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, HIPAA/Hitech are a big plus.
  • Strong organizational, operational, and inter-personal skills
  • Ability to communicate and write in English professionally
  • Reliable personal transportation for use in traveling to clients' offices is essential.

SOFT SKILLS

  • Great English Communication skills.
  • Problem-solving skills.
  • Time management and adherence to deadlines.

ADDITIONAL COMMENTS

Preferred to have the following experience:

  • 2-4 years of experience working in an Information Security capacity.
  • No College Education Required.
  • CompTIA Security+ or similar.
  • ISC2 SSCP (Substitute for Security+)
  • High School Diploma or Accredited GED.
  Required Skills:

Remediation Mitigation Analysts Information Security BASIC Firewalls Asset Management Protection Soft Skills Routers ROOT Analytical Skills Active Directory Operating Systems Transportation Auditing Campaigns Networking Presentations Strategy Security Windows Education Documentation Email Testing Customer Service Leadership Design Microsoft Office Communication English Training Management