U

Cybersecurity Operations Analyst

Job Description - Cybersecurity Operations Analyst

Description

As a Cybersecurity SOC (Security Operations Center) Operations Analyst, you will be responsible for monitoring, detecting, and responding to security incidents within the organization's IT environment. You will play a crucial role in maintaining the security posture of the organization by identifying and mitigating potential threats and vulnerabilities. This position requires a strong understanding of cybersecurity principles, technologies, and incident response procedures. Additionally, as a senior-level analyst, you should be able to independently take ownership of all aspects of cyber operations functions with minimal guidance from your manager.



Responsibilities

JOB RESPONSIBILITIES:

 

1. Security Monitoring and Incident Detection:

  • Monitor security alerts, logs, and event data from various sources, such as SIEM (Security Information and Event Management) systems, intrusion detection systems (IDS), and firewalls, to identify potential security incidents.

  • Analyze network traffic, system logs, and other relevant data to detect unauthorized access attempts, malware infections, or other suspicious activities.

  • Investigate and triage security events, classify incidents, and escalate critical issues to the appropriate teams for further analysis and response.

  • Analyze user reported emails.

 

2. Initial Incident Response and Investigation:

  • Respond to and analyze suspicious email submissions
  • Respond to security incidents in a timely and effective manner, following established incident response procedures and playbooks.

  • Conduct detailed analysis and investigation of security incidents, determining the root cause, extent of compromise, and impact on the organization's systems and data.

  • Collaborate with incident response teams to contain and mitigate security incidents, minimize the impact, and restore normal operations.

 

3. Threat Intelligence and Research:

  • Stay updated on the latest cybersecurity threats, vulnerabilities, and attack techniques through research, threat intelligence feeds, and industry reports.

  • Analyze threat intelligence data to identify emerging threats, indicators of compromise (IOCs), and potential vulnerabilities that may affect the organization's systems.

  • Leverage threat intelligence insights to proactively improve security controls, detect advanced threats, and strengthen the organization's security posture.

 

4. Security Incident Reporting and Documentation:

  • Prepare accurate and comprehensive incident reports, documenting incident details, analysis findings, response actions taken, and recommended improvements.

  • Maintain incident documentation, including evidence logs, incident timelines, and any other relevant information required for compliance and auditing purposes.

  • Collaborate with stakeholders to communicate incident updates, impact assessments, and recommended remediation strategies.

  • Maintain operational knowledge base and runbooks

 

5. Thought leadership:

  • Lead relevant projects and act as a resource for colleagues with less experience

  • Provide summary reports of monthly trends and noteworthy incidents
  • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities 
  • Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).

 

6. Other task:

  • Handle internal tickets under Cybersecurity responsibility.



Qualifications
  1. Read and follow the Underwriters Laboratories Code of Conduct and follow all physical and digital security practices. 

  2. 1-2+ years' experience working in security operations center

  3. College degree preferred

  4. Experience working with end point protection tools, case management/ticketing tools.

  5. Strong understanding and usage of SIEM, EDR, O365 Ecosystem & Ticketing system. 

  6. Ability to document and create runbooks and generate reports

  7. At least one relevant security certifications highly required

  8. The schedule may change based on team requirements and operational needs.

  9. Perform other duties as directed



Original job Cybersecurity Operations Analyst posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Cybersecurity Operations Analyst Jobs in the Philippines

GrabJobs is the no1 job portal in the Philippines, connecting you to thousands of jobs fast! Find the best jobs in the Philippines, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.