Procter & Gamble Security Engineer – SOC/SIEM in National Capital, Philippines
Security Engineer – SOC/SIEM
The Security Engineer - SOC/SIEM is responsible for the design, implementation and 24/7 support of the SIEM technology infrastructure that enables global incident response operations, analysis and coordination, and forensics. Additionally, the Security Engineer - SOC/SIEM is also responsible for developing and maintaining threat monitoring capabilities used by the Security Operations Center (SOC) team. The position requires experience implementing and maintaining security event monitoring and analysis solutions for large enterprises, with knowledge on large scale threat analysis of event data from commercial and open source infrastructure technology platforms.
This role enables the development of Threat and Security Incident monitoring capabilities through the following responsibilities:
• Threat intelligence gathering
• Cyber threat hunting, data analysis, and configuration of security monitoring platforms.
• Designing, deploying and maintaining global event monitoring and incident response tools/technologies and processes.
• Identifying and analyzing advanced threats.
• Implementing and supporting SIEM products.
• Participating in Security Incident response investigation requests and handling escalations for active incidents.
• Developing mature and sustainable policies, parsers, and rules.
• Creating and maintaining documentation such as scripts, knowledge base and how-to articles, etc.
• Working in a lab environment to test systems and develop use cases.
• Maintaining the lab environment to ensure consistency and stability applicable to production systems.
Technical Competencies and Experience:
Demonstrated experience with and understanding of one or more of the following technologies and practices:
• Logging and security event settings and controls of diverse platforms and operating systems, including current and emerging technologies.
• Big Data storage techniques.
• Implementing security monitoring and response capabilities on cloud platforms.
• Implementing and supporting SIEM products and aligning them with monitoring and incident response procedures.
• Technical knowledge of Internet security, networking protocols, and related technologies, including IDS/IPS, firewalls, content filtering, Network Behavior Analysis tools, antivirus, and packet inspection.
• Threat intel integration with SIEM solutions.
• Macro and micro security analysis, and experience with risk modeling and multiple-event correlation.
• Endpoint security analysis with Windows, Mac, and Linux host event data and related tools.
• Business Impact Analysis, Business Continuity, Incident Response, Investigations & Forensics, and System Recovery.
• Solid understanding of information, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts.
• Basic knowledge of database architecture and maintenance.
• Directory services such as Microsoft Active Directory and enterprise directories like Radiant Logic.
• Domain Name Services (DNS).
• SQL database query languages, stored procedures, maintenance, and development.
• Virus detection, malware detection, and intrusion detection and prevention systems.
• File Integrity Monitoring.
• Experience in Information Security policy framework development, maintenance and enforcement.
• A solid foundation in compliance frameworks and security management standards (e.g., ISO 27001:2013, COBIT, and NIST).
• Management of information security policy, standard and procedure development, enhancement, and maintenance across the policy management lifecycle.
• Broad knowledge of security compliance and auditing frameworks, applied to formulate policies, procedures and standards.
• Conducting security reviews, risk analysis, and controls reviews in adherence to security policy.
• Auditing support and artifact documentation for ISO 27001, PCI, SOC1 & SOC2 audit frameworks.
• One or more of the following certifications: CISSP, CCNA, MCSE, HISP, GSEC, Red Hat Linux, Scripting.
Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field and/or at least 5 years of relevant experience.
Available to work off hours during evenings and weekends as required, sometimes with little advance notice.
All Information Security roles require CISSP certification. Candidates without the certification must be able to pass the exam within the first 15 months of starting the role. P&G provides study preparation and exam cost coverage.
Role requires working from the Procter & Gamble Manila, Philippines location.
Job: Information Technology
Title: Security Engineer – SOC/SIEM
Location: PH-National Capital-Manila
Requisition ID: IT 00001393