Basic Information

Ref Number

Req_00047539

Primary Location

Ortigas Center

Country

Philippines

Description and Requirements

  • Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience

  • 4+ years of prior relevant experience

  • Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification

  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

  • Hands-on experience analysing high volumes of logs, network data (e.g. Net flow, FPC  Flexible PIC Concentrator  - PIC  Physical Interface Cards   ), and other attack artifacts in support of incident investigations

  • Experience with vulnerability scanning solutions

  • Familiarity with the DOD Information Assurance Vulnerability Management program.

  • Proficiency with any of the following: Anti-Virus, HIPS  Host Intrusion Prevention System   , ID/PS ( intrusion detection and prevention systems ? IPS -  Intrusion prevention systems   , Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security

  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, Arc Sight, QRadar, Log Logic, Splunk, strike)

  • Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS)

  • Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands