Senior Cyber Security Analyst

This is a fully remote position, open to applicants in Philippines.

📋 Description

• Monitor, identify, and analyze events from various sources to detect threats and respond to incidents promptly.

• Collaborate with teams located worldwide to achieve objectives.

• Assist in gathering metrics to evaluate the effectiveness of Security Operations activities.

• Assess the efficacy of security measures to ensure compliance with Security standards.

• Aid in the implementation of security policies and procedures.

• Refine processes and subsequently update standard operating procedures for the team.

• Engage in multiple phases of incident investigations and threat hunting initiatives.

• Work closely with internal teams such as Product, Customer Success, and others.

⛳️ Requirements

• Familiarity with web and API security, coding standards, WAFs, advanced persistent threat actors, botnets (both off-the-shelf and custom), and attack mitigation strategies.

• Proficiency in SQL is essential.

• Understanding of managing, securing, and preparing production web environments using tools like Kubernetes.

• Knowledgeable in Threat Hunting related to Web/API, web hacking, web data analysis, or practical experience with WAF.

• Extensive knowledge in web technology and web application security.

• Strong grasp of the cybersecurity threat landscape and the mindset of attackers.

• Experience in scripting and programming languages such as JavaScript and Python.

• Keen interest in staying updated with industry trends and market needs to suggest product improvements and new intelligence sources.

• Proven interest in working with data and metrics as they pertain to security.

• Excellent collaborator and communicator who is inquisitive and enjoys innovation. The security landscape is ever-evolving.

• Nice to Have:

• Familiarity with open-source analytics and visualization tools like Grafana, Redash, etc.

• Experience in red-teaming, particularly in developing botnets and white-hat hacking.

• Practical knowledge of Web security modules and secure configurations.

• Hands-on experience and expertise in API test automation and standardization.

• Solid background in computer and network security.

• Integration of security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production.

• Mentorship of development teams, reviewing pull requests, and guiding the evolution of the development pipeline.

• Familiarity with modern application packaging, deployment, containerization, bug tracking tools, and other supporting tools (Jenkins, Docker, Kubernetes, etc.).

• Knowledge of ISMS (ISO/IEC 27001), SOC2, NIST Cybersecurity Framework, CIS Controls, and Open Web Application Security Project.

🏝️ Benefits

• Competitive salary and performance-based bonuses.

• Comprehensive health insurance and wellness programs.

• Opportunities for professional development and training.

• Flexible work hours and remote work options.

• Engaging work environment with a focus on innovation.