Zero Day Group is seeking a detail-oriented Cyber Security Analyst to join our fully remote team in the Philippines. This role is critical in our Security Operations Center (SOC), focusing on continuous monitoring and analysis of security events. The ideal candidate will have a passion for proactive defense and incident response.
Job Description
JOB TITLE: Cyber Security Analyst
LOCATION: Remote
WORK HOURS: US Time zone
Summary
Zero Day Group is looking for a driven and detail-oriented Cyber Security Analyst to join our fully remote team in the Philippines. This role is critical in our Security Operations Center (SOC), focusing on the continuous monitoring and analysis of security events to protect our systems against emerging threats.
If you are a talented analyst with a passion for proactive defense and incident response, and are looking for a company that invests in your professional growth, we encourage you to apply!
Responsibilities
Security Event Monitoring and Triage:
- Monitor, analyze, and triage security events and alerts from our core security platforms, including Azure Windows Defender P2 (Microsoft Defender for Endpoint) and VMware Carbon Black.
- Perform initial investigation of security incidents, identifying scope and root cause, and developing containment strategies.
- Proactively hunt for threats, vulnerabilities, and anomalous activity across the environment.
Incident Response:
- Execute incident response procedures and collaborate with other teams to ensure timely and effective remediation of security breaches.
- Document all incident analysis, findings, and steps taken for remediation.
Access Management & Automation:
- Manage the onboarding and offboarding of team members and users, ensuring compliance with security access policies.
- Develop, maintain, and execute scripted and manual processes for user account management and access control (e.g., PowerShell, Python, or similar scripting tools).
Continuous Improvement:
- Contribute to the development and refinement of security policies, processes, and playbooks.
- Stay current with the latest cybersecurity threats, trends, and technologies.
Qualifications
Experience:
- Proven experience in a Security Operations Center (SOC), Incident Response, or similar cybersecurity analysis role.
- Hands-on experience with Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) tools. Direct experience with Azure Windows Defender P2 and Carbon Black is a significant advantage.
Technical Skills:
- Solid understanding of operating system fundamentals (Windows, Linux), networking protocols, and cloud security principles (especially Azure).
- Proficiency in scripting languages for automation of repetitive tasks is highly desirable.
- Strong knowledge of threat intelligence frameworks (e.g., MITRE ATT&CK).
Certification & Training:
- CISSP certification is highly preferred.
- Willingness to be trained and certified is essential. We are committed to paying for relevant professional certifications, including CISSP, for the right candidate.
Soft Skills:
- Excellent analytical and problem-solving skills with meticulous attention to detail.
- Strong written and verbal communication skills in English.
- Self-motivated and able to thrive in an independent, remote work environment.
Location & Work Environment
- Location: This is a 100% remote position open to candidates based anywhere in the Philippines.
- Schedule: Standard business hours will apply, with flexibility to accommodate security demands and potential on-call rotation.