303 Cyber Engineer jobs in the Philippines

Role : Cyber Security Engineer L4 Level- (Third Party Risk Management )

Company : One of the Global Client

Location : Santa rosa , Laguna

Shift : Night Shift (8PM - 5AM )

Work Setup : Onsite

Permanent role & Direct hiring by the client

Job Description :

Bachelor's degree or four or more years of work experience.

●4 or more years or relevant work experience in Physical Security, Information Security, Cybersecurity, Insider threat or related Security discipline.

Minimum 3+ yrs of exp into TPRM - Third Party Risk Management

● 3 or more years of working experience in IT network security, risk management, vulnerability assessment, security breach investigation, ethical hacking, forensics investigation.

● Even better if you have one or more of the following:

o Professional certifications such as Active Security+, CISSP, CISA, CISM, CFE, or CEH. ( Not Mandatory )

o Experience with network security, risk management, vulnerability assessment, security breach investigation, PCI DSS, ethical hacking, forensics investigation, ITIL, or COBIT frameworks.

o Experience in cybersecurity, information security, or information assurance position including security verification, or security validation, or security audit based on ISO standards.

o Experience with a broad range of security solutions to address complex control scenarios.

o Project management and experience with risks associated with global operations, offshoring, or outsourcing.

o Experience in physical security reviews and dealing with varying levels of user groups, senior executives, and technical personnel.

o Attended training and security conferences, chairing forums, writing security/technical books and/or similar web content.

o Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks, control standards, secure coding principles, and security technologies.

Job Type: Permanent

Pay: Php100, Php220,000.00 per month

Benefits:

• Health insurance
• Life insurance

Application Question(s):

• Are you flexible to work Onsite In Laguna , in Night Shift schedule ?
• Mention the current Salary , Expected Salary Range & Notice period and Alternative number ( Viber / Whatsapp )
• Three or more years of working experience in IT network security, risk management, vulnerability assessment, security breach investigation, ethical hacking, forensics investigation
• Experience in cybersecurity, information security, or information assurance position including security verification, or security validation, or security audit based on ISO standards.
• Do you have 4 or more years or relevant work experience in Physical Security, Information Security, Cybersecurity, Insider threat or related Security discipline.
• How many years of Strong exp in Cyber Security
• How many years of Strong exp in to Third Party Risk Management - TPRM

Knowledgeable in the following:

FW

EDR

SIEM

DLP

Email Gateway

PAM

Key Responsibilities:

SIEM Platform Management:

• Design, implement, and tune SIEM solutions (e.g., Google SecOps, Splunk, IBM QRadar, Microsoft Sentinel, Elastic Stack, or similar).
• Create and maintain correlation rules, dashboards, and reports to detect anomalies and security threats.
• Integrate data sources from various systems (network, endpoints, cloud, applications) into the SIEM.
• Optimize data ingestion, parsing, and normalizaƟon to reduce noise and improve performance.

SOAR Platform Integration & Automation:

• Deploy and manage SOAR platforms (e.g., Google SecOps SOAR, Palo Alto Cortex XSOAR, Splunk SOAR, IBM Resilient, or similar).
• Design and develop automated playbooks for incident response, threat intelligence enrichment, and alert triage.
• Collaborate with SOC analysts to streamline workflows and reduce response time through automation.
• Maintain integrations with ticketing systems, threat intel feeds, and security tools.

Security Engineering & Support:

• Support incident response teams with actionable alerts and automated processes.
• Perform root cause analysis of recurring security events and develop engineering solutions to prevent them.
• Collaborate with compliance and audit teams to ensure security controls meet regulatory requirements.
• Provide training and documentation to SOC and IT teams on the use of SIEM/SOAR tools.

Education & Experience:

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field.
• Minimum of 5 years of experience in cybersecurity, with at least 2 years in SIEM/SOAR administration or engineering.
• Experience in a Security Operations Center (SOC) environment is preferred.

Technical Skills:

• Strong hands-on experience with at least one major SIEM (e.g., Google SecOps, Splunk, QRadar, Sentinel, ArcSight).
• Experience with SOAR platforms and playbook development.
• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and tool integration.
• Understanding of security frameworks (MITRE ATT&CK, NIST, CIS Controls).
• Familiarity with EDR, firewalls, IDS/IPS, threat intelligence platforms, and cloud security tools (AWS, Azure, or GCP).

Soft Skills:

• Excellent problem-solving and analytical skills.
• Strong written and verbal communication abilities.
• Ability to work independently and collaborate across cross-functional teams

• Level 3 Cybersecurity Incident Response
• Level 2 IR coordination
• Daily Cybersec Ticket Management
• Vulnerability Assessment and Pen Testing Exercise.
• Assist in requirements analysis and solutions design.
• Assist in project management deliverables (network matrix, implementation plan, etc.)
• Provide configuration, and administration support for one or more of the following platforms:

Microsoft 365

AWS

JumpCloud

CrowdStrike

Slack

Atlassian

Docusign

ProofPoint

GlobalSign

• Assist in Knowledge Transfer for the implemented solutions.
• Work with Security Governance Team to ensure compliance with Cybersecurity-related

regulations and industry standards.

• Daily Operational Tasks (monitoring, reporting, compliance activities)

Requirements:

• Strong analytical and planning skills;
• Good communication and presentation skills;
• Excellent problem-solving skills;
• Experience and knowledge in Vulnerability Assessment tools and Penetration Testing tools;
• Experience in cyber security-related duties such as incident detection and response, and forensics;
• Up to date knowledge of the latest cybersecurity trends

Job Description:

• Conduct and/or support authorized penetration testing on enterprise network assets.
• Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
• Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure and applications).
• Capture and analyze network traffic associated with malicious activities using network monitoring tools.
• Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).
• Effective security event analysis and pattern identification.
• Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
• Provide technical summary of findings in accordance with established reporting procedures.
• Perform timeline analysis.

Job Qualifications:

• Experience with endpoint, network, and endpoint security solutions.
• Knowledge: Good knowledge of IT security controls.
• Bachelor's Degree in Information Technology, Computer Science, Electronics Engineering or equivalent.
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored and nation sponsored).
• Knowledge of penetration testing principles, tools and techniques.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of cybersecurity and privacy principles.
• Knowledge of security implications of software configurations.
• Knowledge of network traffic analysis methods.
• Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
• Knowledge of how to use network analysis tools to identify vulnerabilities.
• Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
• Knowledge in security event analysis.
• Experience with Windows.
• Experience with Linux.
• Scripting skills.
• Familiarity with common and advanced vulnerabilities, exploits and attacks in Windows/Linux operating systems and web-based applications.
• Familiarity with malware analysis and digital forensics is an advantage.
• Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
• Amenable to work in Marikina Head Office.

Imagine a world where banking is not just a transaction but a transformative experience. Welcome to Axos Business Center We're on a mission to redefine the financial landscape with innovation, creativity, and customer-centric solutions at the core of everything we do. #Banking Evolved.

Ready to dive into a new chapter in your career journey and make your mark this year? We need visionary minds like yours Join our team and become part of a dynamic force that's reshaping how people interact with their finances.

Your next big opportunity is just a click away

We are seeking a highly skilled and experienced Cyber Security Engineer to lead threat detection, incident response, and continuous monitoring efforts within our Security Operations Center. This role is critical to maintaining the confidentiality, integrity, and availability of our systems and data, especially in a highly regulated financial environment. The ideal candidate will bring deep technical expertise, a proactive mindset, and a passion for defending against evolving cyber threats.

Key Responsibilities:

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Qualifications:

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Preferred Certifications:

• GIAC Certified Incident Handler (GCIH)
• GIAC Security Operations Certified (GSOC)
• Certified Information Systems Security Professional (CISSP)
• Certified SOC Analyst (CSA)

Imagine a world where banking is not just a transaction but a transformative experience. Welcome to Axos Business Center We're on a mission to redefine the financial landscape with innovation, creativity, and customer-centric solutions at the core of everything we do. #Banking Evolved.

Ready to dive into a new chapter in your career journey and make your mark this year? We need visionary minds like yours Join our team and become part of a dynamic force that's reshaping how people interact with their finances.

Your next big opportunity is just a click away

We are seeking a highly skilled and experienced Cyber Security Engineer to lead threat detection, incident response, and continuous monitoring efforts within our Security Operations Center. This role is critical to maintaining the confidentiality, integrity, and availability of our systems and data, especially in a highly regulated financial environment. The ideal candidate will bring deep technical expertise, a proactive mindset, and a passion for defending against evolving cyber threats.

Key Responsibilities:

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Qualifications:

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Preferred Certifications:

• GIAC Certified Incident Handler (GCIH)
• GIAC Security Operations Certified (GSOC)
• Certified Information Systems Security Professional (CISSP)
• Certified SOC Analyst (CSA)

Job Description:

• Conduct and/or support authorized penetration testing on enterprise network assets.
• Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
• Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure and applications).
• Capture and analyze network traffic associated with malicious activities using network monitoring tools.
• Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).
• Effective security event analysis and pattern identification.
• Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
• Provide technical summary of findings in accordance with established reporting procedures.
• Perform timeline analysis.

Job Qualifications:

• Experience with endpoint, network, and endpoint security solutions.
• Knowledge: Good knowledge of IT security controls.
• Bachelor's Degree in Information Technology, Computer Science, Electronics Engineering or equivalent.
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored and nation sponsored).
• Knowledge of penetration testing principles, tools and techniques.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of cybersecurity and privacy principles.
• Knowledge of security implications of software configurations.
• Knowledge of network traffic analysis methods.
• Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
• Knowledge of how to use network analysis tools to identify vulnerabilities.
• Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
• Knowledge in security event analysis.
• Experience with Windows.
• Experience with Linux.
• Scripting skills.
• Familiarity with common and advanced vulnerabilities, exploits and attacks in Windows/Linux operating systems and web-based applications.
• Familiarity with malware analysis and digital forensics is an advantage.
• Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
• Amenable to work in Marikina Head Office.

Job Type: Full-time

Pay: Php25, Php45,000.00 per month

Benefits:

• Company Christmas gift
• Company events
• Free parking
• Health insurance
• Opportunities for promotion
• Paid training
• Promotion to permanent employee

Work Location: In person

Axos Business Center, Corp

About This Job
Axos Bank is seeking a highly skilled and experienced Senior SOC Engineer to lead threat detection, incident response, and continuous monitoring efforts within our Security Operations Center. This role is critical to maintaining the confidentiality, integrity, and availability of our systems and data, especially in a highly regulated financial environment. The ideal candidate will bring deep technical expertise, a proactive mindset, and a passion for defending against evolving cyber threats.

US Manager: Raghu V.

Key Responsibilities
:

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Qualifications
:

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Preferred Certifications:

• GIAC Certified Incident Handler (GCIH)
• GIAC Security Operations Certified (GSOC)
• Certified Information Systems Security Professional (CISSP)
• Certified SOC Analyst (CSA)

About Axos
Born digital-first, Axos delivers financial tools and services that allow individuals, small businesses, and companies to access and manage their money how, when, and where they want. We're a diverse team of dynamic, insightful, and independent innovators who are excited to provide technology-driven solutions that offer unbeatable value to our customers.

Axos Financial is our holding company and is publicly traded on the New York Stock Exchange under the symbol "AX" (NYSE: AX).

Learn More about working at Axos Business Center

Pre-Employment Background Check, Medical, and Drug Test:
All offers are contingent upon the candidate successfully passing a credit check, criminal background check, and pre-employment medical and drug screening.

Equal Employment Opportunity:
Axos is an Equal Opportunity employer. We are committed to providing equal employment opportunities to all employees and applicants without regard to race, religious creed, color, sex (including pregnancy, breast feeding and related medical conditions), gender, gender identity, gender expression, sexual orientation, national origin, ancestry, citizenship status, military and veteran status, marital status, age, protected medical condition, genetic information, physical disability, mental disability, or any other protected status in accordance with all applicable federal, state, and local laws.

Job Functions and Work Environment:
While performing the duties of this position, the employee is required to sit for extended periods of time. Manual dexterity and coordination are required while operating standard office equipment such as computer keyboard and mouse, calculator, telephone, copiers, etc.

The work environment characteristics described here are representative of those an employee may encounter while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.