Role Profile – Position Level
Role Title:
Jr. Security Analyst
Department:
Group Security
Role reports to:
Direct Reports:
Indirect Reports:
Head of Security Operations
Not applicable
Not applicable
Level:
Location:
4
Philippines
PURPOSE OF ROLE:
Serves as the Front-line support to counter an attack and performs in-depth analysis (base from received instruction,
guidance and direction from a more senior-level roles) to avoid an attack from happening again
Ensures that security controls and security solutions are reviewed, functioning, effective and running. The Jr.
Security Analyst will be working under a senior's guidance in daily checking and monitoring Security Information and
Event Management (SIEM). This ensures that a threat or any malicious activities/traffics are caught before impacting
the business and its operation.
It is also the Jr. Security Analyst responsibility to ensure timely reporting of all problems or services detected not
functioning to their senior's. It is the duty of security analyst's to react proactively to identify issues or problems within
security solutions, systems, and networks. This way, systems or solutions are ensured functioning and operating as
efficiently as possible.
Again with the close guidance and direction from seniors, Jr. Security analysts also must perform the initial tasks
defined in Security Operation incident response. Mixing the tactics/strategy of either a Blue Team and/or Red Team
for breaches, threats, viruses, malwares, malicious/suspicious traffics/activities and active attacks detected in
Cambridge University Press & Assessment.
KEY ACCOUNTABILITIES:

Operation daily routine assignments:
o
Performs daily log monitoring, detection of abnormal activities, and threat hunting
(Proactive mode) to ensure 24/7 protection to the business.
o
Performs daily checking of Security operation tickets queue to ensure timely response to
requests and incidents while maintaining the quality of service. Also uses existing
procedures to solve routine or standard requests/incidents.
o
Follows Incident Response (reactive mode) procedures, i.e. response to security alerts
from SOC Global monitoring tools, malware attack, virus escalation, DDOS, the
discovery of Data theft, etc., to ensure support efficiency and effectiveness.
o
Provides L2 support for Security Operation Services (with guidance and direction from
senior's) before escalating to L3 (refer to SOC Service Catalogue) to ensure that an
incident is timely escalated when needed.
o
Performs timeline and information note-taking during M1 and P1 incidents to ensure that
all details needed in completing the Security Incident report are documented.
o
Assists his senior colleagues when needed for any security-related activities i.e audits,
risk assessments and others.
o
Helps in documenting and updating operational processes and procedures to ensure that
it is up to date and is still applicable to the business.
KEY RELATIONSHIPS (INTERNAL AND EXTERNAL):




Maintains relationships and provides regular updates to Senior Security Analysts and Head of
Security Operation
Works closely with Security Analysts, Sr. Security Analysts, Technology Operation Team and
inter-departmentally
Maintains relationships with the broader University on incident response, technical threat
identification and mitigation strategies.
Maintains relationships with both domestic and international authorities.
AUTHORITY LEVEL (PEOPLE, POLICY, FINANCIAL): Not applicable
ESSENTIAL KNOWLEDGE / SKILLS

Basic knowledge/idea in Ethical hacking, Intrusion Prevention, Incident Response, Computer
Forensics, Reverse Engineering from tertiary school


Training completion and Certification of Security Blue Team Level 1 (provided by Cambridge)
Completion of Learning Paths in TryHackMe program (provided by Cambridge)
ESSENTIAL QUALIFICATION(S), EXPERIENCE AND REGISTRATION













A minimum of 0-1 year of work experience in Information Technology or Customer IT Technical
support industries
Typically requires a college or university degree or the equivalent work experience and has
conceptual knowledge of fundamental theories, principles and practices
Basic Networking knowledge, i.e. OSI Layer
Has some basic knowledge or understanding of some information security technologies,
including Firewalls, IDS/IPS, DLP, End Point Security, Data Encryption, Network Access Control,
Web/Email filtering, Penetration Testing, Forensic Investigation and Security Incident and Event
Management is an advantage
Basic understanding of Information Security Management Systems and information security
standards - ISO27001 & PCI-DSS is an advantage
Has aspirations for CompTIA Security+, Ethical hacking (CEH) certifications
Has basic knowledge and strong passion in Cyber Security
Good communication skills, i.e. ability to communicate with technical and non-technical
audiences at various levels, is a must
A good level of written English for the development and delivery of reports and technical
documentation is a must
Keen to learn and has strong motivational skills
Willingness to work in extended hours when needed, especially during MI or P1 security
incidents
Ability to works in shifting schedule for 24x7 security coverage
Knows how to handle pressure or stress
KEY COMPETENCIES (ORGANISATIONAL VALUES):
•
•
•
•
•
Achieving: being responsive, decisive and accountable to further our mission
Inspiring: role models optimism, motivation and authenticity
Inclusive: curious, open-minded, and ready to learn from others
Trusted and trusting: enables individuals, teams and organisations to collaborate with
integrity
Confidence with humility: has confidence in her/his abilities, with the willingness to
learn and adapt
KEY COMPETENCIES (LEADERSHIP):
KEY COMPETENCIES (FUNCTIONAL):
Being responsive, optimism, curious, open-minded, ready/willing to learn, collaborative,
confident
CONTEXT OF THE ROLE:
Other Technology teams will remain responsible for the delivery of secure applications, networks and
infrastructure in compliance with Information Security Policies