26 Cybersecurity Analyst jobs in the Philippines

COMPANY PROFILE: A well-established BPO company that is well-committed in providing business outsourcing needs to its clients
Position: Vulnerability Assessment Analyst br>Company Industry: BPO Company
Work Location: MOA Pasay
Work Schedule: Mid Shift (4:00 PM or 5:00 PM)
Salary: Php 60,000 – Php 70,000 < r>Work Set Up: Hybrid (1–2 times a month Return-to-Office) < r>
JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Systems, Cyber Intelligence, or related field
• E perience creating Nuclei templates < r>• P actical experience with network and web application penetration testing tools such as: Burp Suite, Nmap, Fiddler, OWASP ZAP, Metasploit or Wireshark. < r>
JOB RESPONSIBILITIES:
• C nduct regular vulnerability assessments and support mitigation strategies < r>• I entify, analyze, and report on potential security threats < r>• C llaborate with internal teams to improve overall system security < r>• M intain and update security tools and scripts used for threat detection < r>• A sist in incident response and remediation activities < r>
RECRUITMENT PROCESS: (ONLINE)
HR Interview
Technical Assessment
Hiring Manager Interview
Job Offer

The Security Operations analyst job role requires a very motivated goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with mínimal supervision. The role also requires an individual who will act as a security liaison with groups within and outside of JobTarget IT. The Security Analyst’s primary job role is to reduce risk to JobTarget Information Systems, Platforms and Applications through the understanding and the adherence to a risk management framework and to provide governance through the drafting and socialization of security standards, guidelines, policies, and procedures.

**What We Can Offer**:

- Salary Range (Php 62,500 to Php80,500)
- 20 Paid Time Off with 5 convertible to cash at the end of the year
- HMO (with 2 dependents - co paid)
- Group Life and Accident Insurance
- Other exciting monetary allowances
- Great team, culture, and environment and tons of opportunity for career growth

**Work Schedule**: Day/Night

**Work Type**: Remote / Office-Based / Both

**Position To Fill**: One

**What You'll Do**:
Reducing risk through governance and education:

- Responsible for being the Subject Matter Expert (SME) for Information Security Incident Response Actions, ensuring incidents are properly triaged, addressed, tracked, and closed.
- Create Incident Response Playbooks and help in developing Standard Operating Procedures (SOP).
- Responsible for performing internal and external security assessments/testing to validate the effectiveness of current security infrastructure using commonly available security assessment tools and make recommendations to remediate identified risks or vulnerabilities.
- Responsible for review and audit of assets such as VPN, Firewall, & IDS/IPS Configuration & Management.
- Responsible for assisting in the development of appropriate security related policies, procedures, guidelines, standards, benchmarks/metrics and/or processes for network infrastructure, servers, firewalls, intrusion detection/prevention (IDS/IPS) appliances and software.
- Responsible for assisting in various projects to ensure corporate governance of security and compliance with applicable regulations.
- Generates Information Security metrics and reports for executive leadership
- Liaisons with Legal for vendor management, e-discovery, and basic forensics
- Directs Security Awareness Training for employees
- Develops policy documentation

**What You Need to Qualify**:
**Core Skills**:

- Acts responsibly with sensitive and confidential information
- Is creative and resourceful as a problem solver
- Consistently demonstrates the drive to deliver successfully even under difficult timelines
- Has strong analytical, methodical, investigative and auditing skills
- Knows when to make practical rational decisions that reduce risk to JobTarget information and Information systems
- Good written and verbal communications skills
- Good technical writing skills
- A critical logical thinker who is efficient and methodical

**TECHNICAL SKILLS**

Good understanding of the following:

- Background in a security governance model such as NIST, ISO, PCI, or HIPPA.
- Experience in developing cybersecurity policies and procedures
- Familiarity with risk management frameworks.
- Familiarity with Asset Management
- Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.
- Familiarity with access control management and strategies
- Able to manage vulnerability remediation through use of mitigation strategies
- Familiarity with security control assessments and procedures
- Ability to perform audits of systems, software, and security controls
- Familiarity with administering a corporate security awareness training program
- Experience with vetting vendors and vendor management
- Familiarity with legal and regulatory compliance requirements.
- HIDS/NIDS
- Network Monitoring Tools
- Case Management System
- Web Security Gateway
- Data Loss Prevention
- Network Access Control
- Encryption
- Vulnerability Identification

**Job Experience**:

- 5 years in a role within Information Technology
- 1-3 years documentation experience

**Desired Technical Certifications**:

- Security+ or equivalent

**Desired Education**:

- Bachelor’s Degree Required or equivalent experience

**Job Types**: Full-time, Permanent

**Salary**: Php62,500.00 - Php80,500.00 per month

**Benefits**:

- Health insurance
- Life insurance
- Opportunities for promotion

Schedule:

- 8 hour shift

Supplemental pay types:

- 13th month salary

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

**Company Description**:

- Outsourced is a leading Business Process Outsourcing (BPO) in the Philippines that provides dedicated full time remote staff and offshore staffing services to international companies of all sizes. We specialize in providing offshore staff of the highest quality who will continue to exceed your expectations ongoing. We provide both remote
- **home-based** and state-of-the-art
- **office-based** offshore staffing options. We have spared no expense to ensure your offshore staff are comfortable and able to perform their work effectively and efficiently
- Design and implementation of Microsoft Security Solution portfolio
- Work alongside SOC Analysts to improve the detection of security incidents
- Research and implement new Microsoft feature sets that can be used within the SOC
- Assist with the development of more junior members of the team where required

**Qualifications**:

- Microsoft Certifications such as: AZ-104, SC-200, MS-500 & AZ-500
- Hands-on design & implementation experience of SIEM solutions such as: MS Sentinel, Splunk etc
- Experience of scripting languages such as Python/Powershell
- Experience with Azure DevOps
- Experience with Azure Security Solutions, MCAS, AADIP, Defender for endpoint, DNS, Defender for Identity, Office 365
- A good understanding of Information Security Governance, ISO 27001, IASME Governance etc
- Microsoft Windows Server & Desktop, O365 etc
- Linux - RedHat, CentOS, Ubuntu, Debian etc
- Experience in Virtualisation / Cloud and Scalability of infrastructures
- Previous experience dealing with multiple clients and products
- Excellent written and spoken English skills are vital for compiling high-quality reports and liaising with clients

**_What User Access Management contributes to Cardinal Health_**
The User Access Management team is responsible for managing identity and attributes for employees, contractors, customers, vendors, etc.
Ensures compliance with Cardinal Health security requirements for applications in the organization in relation to identity and access.
Analysts within the team ensure the right access to the right applications at the appropriate time through provisioning efforts, IdentityIQ management, SAP, and approval enforcement.
**_Functional Competencies_**
+ Maintain efforts to streamline the user provisioning processes.
+ Improve the transparency of access for our entitlement owners and managers.
+ Serve as the point of escalation from the business and IT; execute the provisioning steps needed to ensure an efficient and compliant process.
+ Partner with application teams to provide security, governance, and provisioning services enterprise-wide.
+ Minimum cross knowledge to provide process improvement of how the ENTIRE team works together to streamline job functions.
**_Activities/accountabilities include the following:_**
+ Partners with application teams to create/streamline provisioning processes.
+ Serve as liaison between business and IT to determine appropriate access for users, including user consultations, SoD checks, and access determination.
+ Able to take a group of users, review the access and identify changes that can be made to ensure consistency and repeatability in provisioning that group.
+ Ensures the consistency and cleanliness of the environments we manage.
+ Ensures all documentation on tasks performed has been updated and published in a shared location.
+ Act as an advocate for access controls and identity access management (IAM) services, ensuring correct/appropriate standards and processes are being adhered to
+ Achieve quality review standards of no repeat errors.
+ Initiate regular reviews of user to role mappings to ensure access meets the security design and security/access related problem resolution.
+ Focus on automation opportunities/improvements.
**_Qualifications_**
+ Application access support/administration
+ Functional experience with security principles, specifically access management.
+ Process improvement and lean principles.
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (

The security Analyst will address the challenge of managing cybersecurity and privacy risks in a way that is in line with Aspires strategy; The security analyst will provide independent, impartial assistance in IT and across the business, bringing insights from our work with internal and external systems, as well as knowledge of industry leading practice, regulation, and audit requirements.
- Perform vulnerability assessments, penetration tests and technical security compliance review.
- Perform penetration tests and writes recommendations for security improvements.
- Monitor managed components and manage incidents and problems.
- Design, develop, install, configure, test, monitor, maintain, troubleshoot, and upgrade cyber security infrastructure.
- Support various technical and non-technical stakeholders to specify and negotiate security requirements.

**JOB SPECIFICATIONS**

**1. **Education**:

- Bachelor's/College Degree in Computer Science/Information Technology or equivalent.

**2.** **Knowledge and skills**:

- Experience in information security or related field
- Experience with computer network penetration testing and techniques
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Experienced in installing security software and documenting security issues.
- Excellent problem-solving and communication skills
- Ability to think critically.
- Good interpersonal skills
- Excellent written and oral communication skills

**3.** **Experience**:

- 1 year or more experience in experience in information security

**Job Types**: Full-time, Permanent, Fresh graduate

**Salary**: Php30,000.00 per month

**Benefits**:

- Company Christmas gift
- Health insurance
- Life insurance
- Paid training
- Promotion to permanent employee

Schedule:

- 8 hour shift
- Monday to Friday
- Night shift

Supplemental pay types:

- 13th month salary
- Overtime pay

Ability to commute/relocate:

- Taguig City: Reliably commute or planning to relocate before starting work (required)