SOC Analyst

Thrive is an innovative technology solutions provider focused on Cyber Security, Hybrid Cloud, Global Network Management, Disaster Recovery and traditional Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon NextGen services help us stand out among our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at ‘a job’ but rather look to develop valuable skills that ignite their passion and lead to a CAREER.

With a growing client base, Thrive is continuing to build out its security team. We are looking to hire a SOC Analyst 1 to take a role within our Security Operation Center to assist with continuously monitoring and improving our customers' security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents utilizing technology and well-defined processes and procedures. The ideal candidate will have a passion for information security and will value what a properly managed Security monitoring solution can bring to our client needs.

• Perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases.
• Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform analysis of exploits.
• Proactive monitoring and response of known and/or emerging threats.
• Carry out Thrive’s information security strategy both internally and externally for 400+ clients in the northeast.
• Analyze data from our SOC and SIEM and determine if further analysis is needed.
• Work within Thrive’s security standards and best practices and recommend future enhancements.
• Manage our clients’ security awareness training to help their end users be as safe as possible.
• Analyze vulnerability scans and determine remediation steps.
• Stay abreast of security events and techniques to keep our clients protected.
• Build awareness through training and education.

• Has knowledge of the following systems and technologies:
  • SIEM (Security Information and Event Management)
  • TCP/IP, computer networking, routing, and switching
  • IDS/IPS, penetration and vulnerability testing
  • Firewall and intrusion detection/prevention protocols
  • Windows, UNIX, and Linux operating systems
  • Network protocols and packet analysis tools
  • EDR, Anti-virus, and anti-malware
  • Content filtering
  • Email and web gateway.
• Understanding of cybersecurity threats, and experience with incident response standards and procedures.
• Demonstrates comprehension of good security practices.
• Professional experience in a system administration role supporting multiple platforms and applications.
• Ability to communicate network security issues to peers and management.

• Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must be able to work effectively in a team environment and collaborate within the team and other stakeholders.
• Computer Networking & Security.
• Vulnerability Discovery and Analysis.
• Operating System Internals.
• Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.).
• Excellent Written and Verbal Communication Skills.
• Knowledge of common Windows and Linux/Unix system calls and APIs.
• Understand Anti-Virus.
• Knowledge of programming languages.
• Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.).

NOTE: Only candidates located in the Philippines and willing to work out of the Clark office should apply.