340 Log Management jobs in the Philippines

• Azure Infrastructure & Security: NSGs, Routing, Peering, Private Endpoints, Firewalls, WAFs, Sentinel
• Networking: Cisco, FortiGate, VPN, Hybrid Connectivity, Network Security
• IAM & PAM: Azure AD, Conditional Access, RBAC, Azure PIM, CyberArk, BeyondTrust
• Automation & Scripting: PowerShell, Infrastructure as Code (IaC)
• Virtualisation: VMware, Hyper-V
• Security Standards & Compliance: Essential 8, NIST, SOCI
• SIEM & Log Management: Azure Sentinel, Security log ingestion

PRINCIPAL RESPONSIBILITIES

· Analyze security breaches and weaknesses, identify security gaps, provide remediation advice, and recommend actionable solutions for risk mitigation.

· Initiate security awareness training for employees.

· Monitor and optimize network and server security performance using monitoring tools to identify and address issues proactively.

· Conduct regular network & security assessments and audits to identify optimization opportunities.

· Develop and maintain comprehensive documentation related to IT infrastructure security configurations, processes, and procedures.

· Provide after-hours support when required in emergencies.

· Lead project implementations, configure and manage cybersecurity tools like Endpoint Protection tools, EPP/EDR, SIEM/XDR, DLP, SASE and File Encryption to ensure timely delivery and successful results.

· Involve in data security projects and activities such as DR, migration, retrieval and protection.

· Provide technical guidance and support to internal teams and customers on security product-related issues.

· Write detailed technical reports for both technical staff and non-technical stakeholders, outlining security issues and solutions.

· Stay updated on the latest cybersecurity threats, vulnerabilities, and trends.

· Work closely with network and systems teams for any security related projects or activities.

TECHNICAL QUALIFICATIONS

· Bachelor's Degree in Computer Engineering or Computer Science

· Familiarity with operating systems (Windows, Linux, Unix, etc.)

· Knowledge of networking protocols and technologies

· Proficiency in using cybersecurity tools such as Wireshark, Nmap, Metasploit, Trend Micro.

· Basic understanding of encryption techniques and cryptography

· Ability to perform security assessments and vulnerability scans

· Certifications such as CISSP, CEH, GSSP, GSEC, CSSLP, GIAC, ISA Cybersecurity is desirable.

· Proven experience in Python, Ansible and other network automation tools.

· Strong understanding of cybersecurity principles, protocols, and best practices.

· Excellent problem-solving and analytical skills.

· Strong communication and teamwork skills.

· Proven experience in Security devices and tools like firewall, EDR, SIEM, Endpoint Protection, SASE and vulnerability management tools

· Familiarity with compliance frameworks such as SOC 2, ISO 27001, and PCI.

Job description:

The position will play a critical role in our IT security team, focusing on the safeguarding of our computer networks and systems. This role involves assessing our security measures, identifying vulnerabilities, implementing security solutions, and responding to security breaches. The ideal candidate will have a strong foundation in information security principles, be detail-oriented, and possess excellent problem-solving skills.

Key Responsibilities:

• Monitor our network for security breaches and investigate a violation when one occurs.
• Install and use software, such as firewalls and data encryption programs, to protect sensitive information.
• Perform vulnerability testing, risk analyses, and security assessments.
• Plan, implement, and upgrade security measures and controls.
• Develop and document security policies and procedures.
• Conduct internal and external security audits.
• Manage network, intrusion detection, and prevention systems.
• Analyze security breaches to identify the root cause.
• Coordinate with different departments to improve security.
• Stay updated on the latest intelligence, including hackers' methodologies, to anticipate security breaches.
• Provide technical advice to colleagues on how to securely develop and maintain computer systems.

Requirements:

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• Preferrably with Professional Certification as Google Cloud Security Engineer.
• Proven work experience as a Security Engineer or similar role.
• Familiarity with various operating systems and databases.
• Experience in using security tools and technologies.
• Knowledge of patch management, firewalls, and intrusion detection/prevention systems.
• Understanding of secure coding practices, ethical hacking, and threat modeling.
• Excellent problem-solving and communication skills.
• Willing to work in graveyard shift.

Interested applicants may also send their CVs to Apply now and be part of our growing team

Job Type: Full-time

Pay: Php40, Php70,000.00 per month

Benefits:

• Company events
• Flextime
• Health insurance
• Paid training
• Work from home

Work Location: Remote

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.

What You'll Do

• Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
• Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
• Simulate real-world attacks and design potential attack paths.
• Test and analyze security controls like WAFs, rate limits, and authentication systems.
• Document findings clearly to help engineers fix issues quickly.
• Explore edge cases and scenarios often missed by automated tools.

What We're Looking For

• Proven experience in penetration testing of web apps and APIs.
• Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
• Expertise in AuthN/AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
• Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
• Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python/Bash).
• Ability to think like an attacker and uncover hidden risks.

Job Type: Full-time

Pay: Php100, Php120,000.00 per month

Application Question(s):

• Are you comfortable working in a hybrid set up?
• Are you comfortable working night shift?
• Do you have hands-on experience with Burp Suite Pro for manual security testing?
• Have you used of mitmproxy for intercepting and analyzing traffic?

Experience:

• Manual Penetration Testing: 5 years (Required)
• Python or Bash: 5 years (Required)
• API: 5 years (Required)

Work Location: In person

We are seeking a skilled and motivated Security Engineer to join our Enterprise Security and Access team, focusing on the implementation and operational support of SailPoint IdentityNow. This role involves designing, configuring, and maintaining identity governance workflows, ensuring secure and compliant access across the organization.

Key ResponsibilitiesImplement and maintain SailPoint IdentityNow solutions for identity lifecycle managementDevelop and troubleshoot workflows, transforms, and provisioning policiesIntegrate IdentityNow with systems such as Active Directory, LDAP, HRIS, and cloud platformsConduct unit testing and peer reviews to ensure quality and security of IAM configurationsCollaborate with global teams including cybersecurity, development, QA, and product managementDocument processes, change controls, and technical configurationsMentor junior team members and contribute to knowledge sharingSupport compliance initiatives (SOX, GDPR, HIPAA) through access certification and audit reporting

Required Qualifications3+ years of hands-on experience with SailPoint IdentityNowStrong understanding of IAM concepts: provisioning, RBAC, certification, and governanceExperience with scripting (BeanShell, PowerShell), REST APIs, and connector configurationsFamiliarity with backend infrastructure and cloud environments (Azure, AWS)Excellent troubleshooting and documentation skillsBachelor's degree in Computer Science, Information Security, or related field

Preferred SkillsSailPoint IdentityNow certification (Engineer or Professional)Experience with ITSM tools and change management processesKnowledge of security frameworks and regulatory standardsExposure to DevOps and CI/CD pipelinesStrong communication and stakeholder engagement skills

Let's be #BrilliantTogether

Overview
The role's primary focus is protecting the Firm's information security interests, leveraging advanced security tools and applications. As part of the Information Security Office (ISO), this role will work closely with technology functions to identify areas of improvement and supporting initiatives to promote information security within the organization.

Responsibilities

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.
• Troubleshooting Security and network related problems.
• Responding to all system and/or network security issues.
• Ensuring the organization's data and infrastructure are protected by enabling the appropriate security controls.
• Participating in the change management process.
• Testing and identifying network and/or system security vulnerabilities.
• Evaluating the organization's security requirements and establishing best practices and standard accordingly.
• Daily administrative tasks, reporting, and communication with the relevant stakeholders in the organization.

Required Qualifications- Bachelor's degree in information technology or a related IT course.
- At least 4–6 years of experience in Security Engineering, including establishing and monitoring information security controls.
- Minimum of 4 years of hands-on experience with at least 1 or more of the following security tools and technologies:

• Zscaler Cloud Security
• Microsoft Sentinel
• Microsoft Defender Suites (Identity, Endpoint, Security, Cloud, etc.)
• CyberArk Privileged Access Management (PAM)
• Tenable Vulnerability Management
• Physical Security
• Excellent verbal and written communication skills, with the ability to coordinate effectively with vendors and global teams. Proven and strong technical writing capability – candidates should be prepared to provide and/or discuss writing samples.
• Strong administrative capabilities in task development, time management, and resource allocation to meet target deadlines.
• Demonstrated troubleshooting, follow-through, and critical-thinking skills.
• High level of risk intelligence and security awareness.
• Relevant vendor and/or vendor neutral certification(s) such as Microsoft Security Operations Analyst (SC-200), Microsoft Cybersecurity Architect (SC-100), CyberArk Trustee / CyberArk Defender / CyberArk Sentry / CyberArk Guardian, Zscaler Digital Transformation Administrator (ZDTA) / Zscaler Digital Transformation Engineer (ZDTE), CASP+, ISC2 SSCP.

Work Shift and Arrangement

• Embrace a dynamic work environment to work on a mid-shift (2:00PM-11:00PM PHT) or graveyard shift (11:00PM-8:00AM PHT).
• On-call rotation participation.
• Amenable to go on a hybrid working arrangement (at least 3 days work onsite per week) and work in Makati City.

What You Can Expect From Us
At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally.

Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success.

Let's empower, collaborate, and inspire.

Let's be #BrilliantTogether.

About ISS STOXX
ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit.

Visit our website:

View additional open roles:

Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.

Job description:

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.

What You'll Do

• Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
• Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
• Simulate real-world attacks and design potential attack paths.
• Test and analyze security controls like WAFs, rate limits, and authentication systems.
• Document findings clearly to help engineers fix issues quickly.
• Explore edge cases and scenarios often missed by automated tools.

What We're Looking For

• Proven experience in penetration testing of web apps and APIs.
• Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
• Expertise in AuthN/AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
• Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
• Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python/Bash).
• Ability to think like an attacker and uncover hidden risks.

Job Purpose:

We are seeking a candidate with 3 or more years of hands-on experience with enterprise-level network design and deployment, deploying and maintaining networking devices, with basic knowledge of security and load balancer technology.

Job Responsibilities:

• A deep understanding of various factors to support various aspects of Security technology (Cisco, Palo Alto, Fortinet, F5, etc.) in an Enterprise network, Service Provider network, WAN/LAN Networking.
• The ability to create high- and low-level design documents, test plans, develop use cases, and participate in implementation.
• Fully able to support routine technical queries related to a single product/small set of products and able to support less experienced team members
• Take ownership for listening to and understanding customer problems by asking relevant questions to resolve typically known problems within required timescales. Knows when problems need to be further escalated to ensure satisfactory resolution.
• Develop an understanding of the customer's environment and service delivery requirements to enable the delivery of a first-class service.
• To interpret client needs, assess the full requirements, and identify suitable solutions.
• support on the service delivery and network solution implementation.
• Builds simulated networks in test labs to validate the design and solution and to resolve highly complex problems and compatibility issues.
• Executes all phases of project delivery including plan, design, network staging, implementation, migration, testing, handover, etc.
• Write, review, implement and document configuration changes in customer environments
• Communicating with client (and internal) end user and management groups regarding infrastructure design, maintenance, and administration

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Engineering, or related field.
• 3+ years of hands-on experience in network engineering with focus on Security platforms.
• Strong experience in configuring, managing, and troubleshooting security devices, including:
• Next-Generation Firewalls (NGFWs): Palo Alto Networks (PAN-OS), Fortinet FortiGate, Cisco ASA/Firepower, Check Point.
• Load Balancers & Web Application Firewalls (WAFs): F5 BIG-IP (LTM, GTM, ASM, APM), Citrix ADC (NetScaler), and Custom Profiles.
• Intrusion Prevention Systems (IPS/IDS): Palo Alto Threat Prevention, FortiIPS.
• VPN & Remote Access Solutions: Cisco AnyConnect, GlobalProtect, FortiClient, F5 APM.
• Exposure in complex network security analysis and troubleshooting
• Exposure in network security protocols such as:
• Firewall and Routing/Switching: BGP, OSPF, VLAN, VRF, VXLAN.
• VPN Technologies: IPsec, SSL/TLS VPN, L2TP, GRE.
• Authentication & Access Control: RADIUS, TACACS+, LDAP, SAML, OAuth.
• Encryption Standards: AES, RSA, SHA, ECC.
• Experience in security monitoring, threat analysis, and incident response.
• Strong scripting skills (Python, Bash, PowerShell) for automation and security policy management.
• Perform security audits and risk assessments to identify potential threats and recommend mitigations.
• Develop and enforce security policies related to access control, firewall rules, and network segmentation.
• Manage and audit firewall policies and network access control lists (ACLs).
• Knowledge of Cisco software technologies, including IOS, IOS-XE, IOS-XR, and NX-OS.
• Proficient with the design, installation, configuration, troubleshooting, and monitoring of core LAN/WAN/ MAN services, as well as Wireless solutions
• Expertise in creating repeatable, reliable, scalable network architectures, with fault tolerance, performance tuning, monitoring systems, statistics/metrics collection, and disaster recovery
• Perform network performance tuning, capacity planning, and high availability management.
• Use packet capture tools such as Wireshark for network troubleshooting and analysis.

Certification is an advantage:

• Minimum requirement: CCNA certification (Cisco Certified Network Associate).
• Cisco Certified Network Professional (CCNP) – Security
• Cisco Certified Network Professional (CCNP) – Enterprise
• Cisco Certified CyberOps Professional
• Check Point Certified Security Expert (CCSE)
• Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Fortinet NSE 4, NSE 7

Work Setup:
Monday - Friday, Hybrid Setup (2-3 times a week onsite.)

Location:
Makati City

Let's be #BrilliantTogether

Overview
The role's primary focus is protecting the Firm's information security interests, leveraging advanced security tools and applications. As part of the Information Security Office (ISO), this role will work closely with technology functions to identify areas of improvement and supporting initiatives to promote information security within the organization.

Responsibilities

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.
• Troubleshooting Security and network related problems.
• Responding to all system and/or network security issues.
• Ensuring the organization's data and infrastructure are protected by enabling the appropriate security controls.
• Participating in the change management process.
• Testing and identifying network and/or system security vulnerabilities.
• Evaluating the organization's security requirements and establishing best practices and standard accordingly.
• Daily administrative tasks, reporting, and communication with the relevant stakeholders in the organization.

Required Qualifications

• Bachelor's degree in information technology or similar IT related course.
• Must have 5-12 years of Security Engineering experience including establishing and monitoring information security controls.
• Proven and strong technical writing capability – be prepared to provide and/or discuss samples.

Essential Skills

• 5+ years of real-world experience in one or more of the following security tools and technologies:

• Microsoft Sentinel

• Microsoft Defender Suites (Identity, Endpoint, Security, Cloud, others)
• CyberArk Privileged Access Management (PAM)
• Zscaler Cloud Security
• Tenable Vulnerability Management

• Physical Security

• Excellent verbal and written communication skills, with the ability to coordinate effectively with vendors and global teams; strong administrative capabilities in task development, time management, and resource allocation to meet target deadlines.

• Demonstrated troubleshooting, follow-through, and critical-thinking skills.
• Have a high-level of risk intelligence and security awareness.
• Relevant vendor and/or vendor neutral certification(s) such as Microsoft Security Operations Analyst (SC-200), Microsoft Cybersecurity Architect (SC-100), CyberArk Trustee / CyberArk Defender / CyberArk Sentry / CyberArk Guardian, Zscaler Digital Transformation Administrator (ZDTA) / Zscaler Digital Transformation Engineer (ZDTE), CASP+, ISC2 SSCP.

Work Shift and Arrangement

• Embrace a dynamic work environment to work on a mid-shift (2:00PM-11:00PM PHT) or graveyard shift (11:00PM-8:00AM PHT).
• On-call rotation participation.
• Amenable to go on a hybrid working arrangement (at least 3 days work onsite per week) and work in Makati City.

What You Can Expect From Us
At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally.

Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success.

Let's empower, collaborate, and inspire.

Let's be #BrilliantTogether.

About ISS STOXX
ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit.

Visit our website:

View additional open roles:

Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.