291 Security Analyst jobs in the Philippines

Primary Details
Time Type: Full time

Worker Type: Employee

The role is to provide an effective and proactive response to cybersecurity-related events and incidents to protect QBE's assets and services.

In addition, the role will support business stakeholders in the event of a security incident, and support incident management and escalation processes to the appropriate incident management teams.

We are looking for Tier 1 level support that will investigate a diverse set of alerts. The role should adapt to any changes in security operations to comply with various business requirements.

Job Description

• Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc) to investigate suspicious events.
• Proactively monitor and respond to suspicious or true positive incidents across our security platforms.
• Perform initial incident analysis of various security alerts by analysing and investigating security-related logs harvested from various security signals.
• Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage.
• Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels.
• Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE.
• Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts.
• Perform ad-hoc tasks and completion of goals relating to ongoing projects and initiatives.
• Generating reports and providing insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.

Required knowledge and skills:

• Bachelor's degree in computer science, programming, or IT-related field. Fresh graduates are welcome to apply.
• The ability to work in a fast-paced and time-sensitive role.
• Be able to communicate effectively and update various stakeholders globally.
• Proactive, analytical, and able to solve complex investigations.
• Understanding of known threat actors, techniques, and procedures that modern attackers use to compromise organisations.

Advantage, but not required knowledge and skills:

• 1-3 years relevant security experience performing similar duties working in a Security Operation Centre, Cybersecurity, and other IT-related fields.
• Advanced training or certifications (e.g., ISC2, ISACA, SANS, Azure, etc.)
• Knowledge of security solutions and technologies like Windows, Linux, IPS/IDS, Firewalls, Email gateways, proxy technologies, cloud solutions, endpoints, and mobile devices.
• Be able to perform correlations and analytics with diverse types of logs, i.e., network, active directory, database, DNS, firewalls, proxies, host-based security, cloud, and applications logs.

Benefits in joining our team:

• Be part of a global team and enrich your cybersecurity technical skills from subject matter experts.
• Tailored professional development.
• Exclusive access to industry-leading training platforms.
• Opportunity to get firsthand experience across industry-leading security tools.
• We are a team that values diversity and inclusion.

QBE Cultural DNA

• Everything we do at QBE is underpinned by our DNA (which interlinks seven cultural elements) – because we know it's not just what we do that matters, it's how we do it that makes the difference. We expect all employees to role model and inspire the right behaviours that link to our cultural elements:
• We are customer-focused
• We are technical experts
• We are inclusive
• We are fast-paced
• We are courageous
• We are accountable
• We are a team
• All employees are expected to adhere to QBE's Code of Ethics and Conduct and apply sound risk management practices

US Only - Travel Frequency

• Infrequent (approximately 1-4 trips annually)

US Only - Physical Demands

• General office jobs: Work is generally performed in an office environment in which there is not substantial exposure to adverse environmental conditions. Must have the ability to remain in a stationary position for extended periods of time. Must be able to operate basic office equipment including telephone, headset and computer. Incumbent must be able to lift basic office equipment up to 20 lbs.

US Only - Disclaimer

• To successfully perform this job, the individual must be able to perform each essential job responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential job responsibilities.

Job Type

• Individual Contributor

Australia/New Zealand Only - Advice/Non-Advice

• Non-Advice: This role is not authorised to provide financial product advice to retail customers in respect of General Insurance products. Financial product advice, means a statement or recommendation made to a retail customer with the intention of influencing their decision in considering a general insurance product.

Global Disclaimer

• The duties listed in this job description do not limit the assignment of work. They are not to be construed as a complete list of the duties normally to be performed in the position or those occasionally assigned outside an employee's normal duties. Our Group Code of Ethics and Conduct addresses the responsibilities we all have at QBE to our company, to each other and to our customers, suppliers, communities and governments. It provides clear guidance to help us to make good judgement calls.

Skills:
Adaptability, Business Continuity, Communication, Critical Thinking, Customer Service, Cybersecurity Risk Management, Digital Forensics, Forensic Investigations, Intentional collaboration, Malware Analysis, Managing performance, Process Improvements, Reporting and Analysis, Risk Management, Stakeholder Management

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.

WHO ARE WE?

Here at Insightz Technology, we're on a mission to keep internet users safe from cyber threats — and we do it by living our tagline: "We See What Hackers See." As a global team, we love exploring creative ways to spot risks and build rock-solid defenses. If you're someone who enjoys tackling security challenges and has a genuine passion for protecting people online, you might be exactly who we're looking for to join our team

MISSION:

At Insightz Technology, we believe security should be simple. Our mission is to provide top-tier cybersecurity solutions that eliminate unnecessary costs and complexity.

By staying ahead of industry trends, we deliver AI-driven security tailored to each business's unique needs to ensure the most effective and adaptive protection.

VISION:

Our vision is to make cybersecurity accessible to all organizations regardless of size or resources.

We strive to deliver comprehensive, affordable protection with instant deployment and a seamlessly intuitive interface. We eliminate complexity while tailoring security to each business's unique needs.

Job description:

Insightz Technology is seeking a highly motivated and skilled Security Analyst to join our dynamic Security Operations Center (SOC). In this role, you will be pivotal in proactively hunting for threats, responding to security incidents, and ensuring the robust security posture of our organization. You will leverage your expertise with Fortinet security platforms and your deep understanding of networking and security protocols to safeguard our critical assets.

Responsibilities:

- Proactively conduct threat hunting activities to identify and mitigate potential security threats.

- Respond to and investigate security incidents, performing root cause analysis and implementing remediation measures.

- Monitor and analyze security logs and alerts from various sources, including Fortinet security platforms.

- Configure, maintain, and troubleshoot Fortinet security devices (firewalls, IPS/IDS, etc.).

- Develop and maintain incident response plans and procedures.

- Perform vulnerability assessments and penetration testing.

- Analyze network traffic and security logs to identify suspicious activity. * - - Develop and maintain security documentation and reports.

- Collaborate with other IT teams to implement security best practices.

- Utilize scripting languages (Python, SQL) for automation and data analysis. Manage and maintain Linux and Windows systems securely.

Qualifications:

- Bachelor's degree in Information Technology, Cybersecurity, or any related field.

- 5 years of hands-on working experience in a Security Operations Center (SOC), with a focus on threat hunting and incident response.- Ample experience handling SIEM and EDR- Experience in Cyber Threat Hunting and SOC IR

Hold at least two relevant industry certifications, such as:

* CISSP (Certified Information Systems Security Professional)

* GIAC (Global Information Assurance Certification) certifications (e.g., GCIH, GCIA, GPEN)

* CompTIA Security+

* CEH(Certified Ethical Hacker)

- Proven experience with Fortinet security platforms (FortiGate, FortiAnalyzer, etc.).

- Strong understanding of networking protocols (TCP/IP, DNS, HTTP, etc.).

- Proficiency in scripting languages such as Python and SQL.

- Solid understanding of Linux and Windows operating systems.

- Excellent analytical and problem-solving skills. * Strong communication and interpersonal skills.

- Ability to work well under pressure.

Preferred Qualifications:

- Experience with SIEM (Security Information and Event Management) systems.

- Knowledge of cloud security principles.

- Experience with vulnerability scanning tools.

Job Types: Full-time, Permanent

Pay: Php100, Php150,000.00 per month

Benefits:

• Company events
• Opportunities for promotion
• Paid training
• Work from home

Work Location: Remote

No matter who you are, Pax8 is a place you can call home. We are growing globally, and are now expanding across Australia, New Zealand and Asia.

Culture is important to us, and at Pax8, it's business, and it IS personal. We are passionate, creative, and humorously offbeat. We work hard, keep it fun, and expect the best.

We Elev8 each other. We Advoc8 for our partners. We Innov8 continuously. We Celebr8 life.

Overview:

Pax8 is the leading value-added cloud-based SaaS marketplace, simplifying the cloud journey for our partners by integrating technology, business intelligence, and proactive service to deliver an unparalleled experience. Serving thousands of partners through the indirect sales channel, our mission is to be the world's favorite marketplace for technology professionals to buy cloud products. We are a fast-growing, dynamic, and high-energy organization with a start-up feel, allowing you to make a meaningful impact on the business.

Culture is important to us, and at Pax8, it's business, and it IS personal. We embody Compassionate Candour by aiming to assist others with candid, actionable feedback. We Seek to Understand by being open, curious, and committed to learning. We believe in We Before Me , actively collaborating and seeking out diverse perspectives to ensure a win for Team Pax8. Our team takes pride in Do What You Say , taking ownership, honoring commitments, prioritizing, and delivering on promises. We encourage everyone to Light Up Learning by being brave and trying new ideas, embracing vulnerability, and sharing failures so everyone can learn. Finally, we are Driven by Passion , connecting personal passion to Pax8's mission, and remaining resilient in the face of adversity and uncertainty in pursuit of our goals.

At Pax8, we are passionate, creative, and humorously offbeat. We work hard, keep it fun, and expect the best.

Position Summary:

The Security Analyst at Pax8 is responsible for triaging and responding to cybersecurity events that occur throughout the day. This will involve analysis of events, incident escalation, and remediation particularly with users in compatible time zones. This role will also analyze and prioritize detected vulnerabilities, monitor threat intelligence and determine applicability to Pax8 and our Partners, configure and monitor SaaS security controls, and collaborate with the rest of the Security Operations team and our colleagues.

Essential Responsibilities and Percentage of Time Spent (includes, but is not limited to):

• Monitoring for reported incidents and automated alerts from our security tools. Triage and drive remediation efforts as necessary and clearly document findings.
• Perform forensic review of events and determine risk to Pax8 business operations.
• Assess security vulnerabilities in corporate and production systems, using both common scoring mechanisms and internal engineering context. Triage and prioritize for responsible teams.
• Help develop and monitor threat intelligence sources. Analyze threat intel data and provide unique analysis on applicability to Pax8's business and marketplace.
• Create and improve run books and automation capabilities across all SecOps areas.
• Compose written vulnerability and threat opinions for other Pax8 users and discuss in proper channels as needed.
• Generate metrics and data to support overall Trust and Security initiatives.
• Stay up to date on industry trends and best practices: Continuously learn and adapt the security program to address evolving threats.
• Collaborate with other departments and act as a liaison with IT, engineering, legal, data management office, HR, business leaders, and other departments to ensure security considerations are integrated into all business processes.

Ideal Skills, Experience, and Competencies:

• Three or more years of experience in a security-specific operations or engineering role.
• Experience supporting a SaaS security solution or enterprise browser environment including risk-based prioritization and control configuration.
• Other experience should include one or more of these areas: Vulnerability assessment and management, identity management, or threat intelligence activities.
• At least two years of experience in L2 or higher incident response, forensic analysis, remediation, and risk-based prioritization efforts including technical remediation in corporate enterprise environments.
• Operational experience in securing public cloud deployments such as AWS, Azure, or GCP either directly or through use of CSPM tooling is beneficial.
• Experience using a major SIEM product, including ability to construct ad-hoc searches and perform analysis in related tools.
• Experience in the Microsoft security suite of tools including Defender, Entra, Compliance Center, and Intune.
• Understanding of security best practices and frameworks.
• Excellent verbal and written communication, interpersonal, and collaboration skills will be a requirement.

Required Behaviors:

• Compassionate Candour—We aim to assist others with candid, actionable feedback.
• Seek to Understand—Be open, curious and committed to learning.
• We Before Me—Actively collaborate and seek out diverse perspectives to ensure a win for Team Pax8.
• Do What You Say—Take ownership and honor your commitments; prioritize and deliver.
• Light Up Learning—Be brave and try new ideas; be vulnerable and share your failures so everyone can learn from our mistakes.
• Driven by Passion—Connects personal passion to Pax8 mission, resilient in face of adversity and uncertainty in pursuit of mission.

Required Education & Certifications:

• B.A./B.S. in a related field or equivalent work experience.
• Security focused certifications such as CISSP, GIAC, CEH, CySA+ (optional, but desired).
• Cloud and cloud security-focused certifications related to AWS, Azure, and GCP (optional).

Work Environment:

Professional office environment. Routinely uses standard office equipment such as computers, phones, copy machines, printers, and filing cabinets. Remote and/or hybrid work at Pax8 requires all employees to have adequate, secure, and private internet service.

Physical Demands:

A sedentary role that primarily involves sitting/standing.

Travel Requirements:

Infrequent travel is expected of this position.

People Org Details

Reports to:

Sr. Director of Security Operations

Location:

Manila, Philippines

Position:

Full-time

Position Level:

Individual Contributor

Effective Date:

August 2025

About Us:

Pax8 is the leading value-added cloud-based SaaS marketplace, simplifying the cloud journey for our partners by integrating technology, business intelligence and proactive service to deliver an unparalleled experience. Serving thousands of partners through the indirect sales channel, our mission is to be the world's favourite place to buy cloud products.

Equal Opportunities

Pax8 is an equal opportunities employer and welcome individuals who are in possession of the appropriate requirements to work within the country the role is based in. Offered individuals will be asked to undertake identity, security compliance and reference checks. Your privacy is important to us. Your data will be held in accordance with Data Privacy best practices and processed only in accordance with our recruiting processes.

Job Applicant Privacy Notice

The Security Analyst function protects the bank's information assets through continuous monitoring, incident response, threat detection, and control validation. It translates security policies into operational controls, manages vulnerabilities, performs threat hunting, and oversees attack surface management. The function also supports threat intelligence sharing and ensures alignment with regulatory requirements.

Duties and Responsibilities:

Monitoring & Detection

• Monitor dashboards for asset inventory, user behavior, and unauthorized changes.
• Triage SIEM alerts and follow established playbooks for escalation.

Policy & Documentation Support

• Assist in version control and review of infosec policies, procedures, and awareness materials.
  
  Maintain tracking for policy updates and training compliance.

Third-Party & Firewall Review

• Maintain onboarding checklist for outsourced providers using BSP outsourcing criteria.
• Track and verify firewall rule changes and coordinate reviews with infrastructure teams.

API, Cloud & System Logging

• Gather logs from APIs, cloud IAM systems, and backend services to support security investigations.
• Monitor cloud activity for signs of abnormal access or misconfiguration.

AppSec & KYC Support

• Perform baseline scans for lower-risk apps and assist in fixing findings with developers.
• Monitor onboarding and KYC behavior for fraud or identity anomalies.

Coordination & Reporting

• Coordinate interviews during incident investigations, gather audit evidence, and maintain compliance reports.
• Track patch statuses, configuration changes, and alert resolutions across teams. Other tasks as assigned by his/her immediate supervisor

Qualification:

• Bachelor's degree in Information Technology or Security, Cybersecurity, Computer Science, or equivalent.
• At Least 3  years in infrastructure/app security, ideally in fintech, banking, or SaaS environments.
• Proficient in AWS/GCP, Kubernetes, Terraform, CI/CD pipelines, network or network security, security operations, threat detection and hunting, and  vulnerability management.
• Hands-on with Burp Suite, SIEM/SOAR tools.
• Scripting skills (Python, Bash, Go) for automation and tooling is a plus.

Cyber Security Analyst
Location:
Remote / Flexible (with overlap to US CST)

Department:
Security Operations

Schedule:
Monday–Friday, 8:00 AM–5:00 PM US CST (flexibility +/- 3 hours)

Salary: PHP
80,000 to 95,000/mo (paid bimonthly)

About The Role
As a
Cyber Security Analyst,
you will play a key role in supporting our Incident Response and

Security Operations programs, ensuring the safety and integrity of both the company and our clients'

systems. You will be responsible for monitoring, identifying, and investigating security events,

responding to incidents in a timely and structured manner, and escalating issues as needed. This

role requires strong analytical skills, attention to detail, and a passion for staying ahead of emerging

cybersecurity threats.

Key Responsibilities

• Develop an understanding of Marco's information systems, managed technology

solutions, and security architecture.

• Monitor security solutions, tickets, and communication channels to identify and triage

potential threats.

• Respond promptly to escalated incidents, perform investigations, and provide thorough

post-event analyses.

• Collaborate with clients, internal teams, vendors, and legal stakeholders to manage and

resolve security threats.

• Stay updated on the latest threat intelligence, security breaches, malware, and regulatory

changes.

• Continuously tune, manage, and evaluate security solutions for effectiveness.
• Follow the company's incident response plan and maintain proficiency with the NIST

Cybersecurity Framework (CSF).

• Document investigations, maintain accurate records, and comply with administrative

procedures.

• Participate in on-call rotation and provide after-hours support when required.
• Attend team and company meetings and contribute to daily security management tasks.
• Perform additional duties as assigned in line with company policies.

Qualifications

• Associate degree in Computer Science, Cybersecurity, Information Security, or related field

preferred.

• 1+ years in information technology, cybersecurity, or related experience (or equivalent

combination of education and experience).

• Certifications (preferred): Security+, CISSP, CISA, CEH, GSOC, or equivalent incident

response/forensics certifications.

• Understanding of IT service management and security operations concepts.
• Knowledge of common security products (firewalls, EDR, SIEM, network security, PIM/PAM

solutions).

• Proficiency with Microsoft Office and business collaboration tools.
• Strong organizational and time management skills with attention to detail.
• Excellent verbal and written communication skills across technical and non-technical

audiences.

• Self-motivated, proactive, and able to work independently with minimal supervision.
• Integrity, professionalism, and commitment to organizational values.
• Dedication to continuous improvement and delivering high-quality results.

Primary Details

Time Type: Full timeWorker Type: EmployeeThe role is to provide an effective and proactive response to cybersecurity-related events and incidents to protect QBE's assets and services.

In addition, the role will support business stakeholders in the event of a security incident, and support incident management and escalation processes to the appropriate incident management teams.

We are looking for Tier 1 level support that will investigate a diverse set of alerts. The role should adapt to any changes in security operations to comply with various business requirements.

Job Description

• Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc) to investigate suspicious events.

• Proactively monitor and respond to suspicious or true positive incidents across our security platforms.

• Perform initial incident analysis of various security alerts by analysing and investigating security-related logs harvested from various security signals.

• Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage.

• Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels.

• Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE.

• Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts.

• Perform ad-hoc tasks and completion of goals relating to ongoing projects and initiatives.

• Generating reports and providing insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.

Required knowledge and skills:

• Bachelor's degree in computer science, programming, or IT-related field. Fresh graduates are welcome to apply.

• The ability to work in a fast-paced and time-sensitive role.

• Be able to communicate effectively and update various stakeholders globally.

• Proactive, analytical, and able to solve complex investigations.

• Understanding of known threat actors, techniques, and procedures that modern attackers use to compromise organisations.

Advantage, but not required knowledge and skills:

• 1-3 years relevant security experience performing similar duties working in a Security Operation Centre, Cybersecurity, and other IT-related fields.

• Advanced training or certifications (e.g., ISC2, ISACA, SANS, Azure, etc.)

• Knowledge of security solutions and technologies like Windows, Linux, IPS/IDS, Firewalls, Email gateways, proxy technologies, cloud solutions, endpoints, and mobile devices.

• Be able to perform correlations and analytics with diverse types of logs, i.e., network, active directory, database, DNS, firewalls, proxies, host-based security, cloud, and applications logs.

Benefits in joining our team:

• Be part of a global team and enrich your cybersecurity technical skills from subject matter experts.

• Tailored professional development.

• Exclusive access to industry-leading training platforms.

• Opportunity to get firsthand experience across industry-leading security tools.

• We are a team that values diversity and inclusion.

QBE Cultural DNA

• Everything we do at QBE is underpinned by our DNA (which interlinks seven cultural elements) – because we know it's not just what we do that matters, it's how we do it that makes the difference. We expect all employees to role model and inspire the right behaviours that link to our cultural elements:
• We are customer-focused
• We are technical experts
• We are inclusive
• We are fast-paced
• We are courageous
• We are accountable
• We are a team
• All employees are expected to adhere to QBE's Code of Ethics and Conduct and apply sound risk management practices

US Only - Travel Frequency

• Infrequent (approximately 1-4 trips annually)

US Only - Physical Demands

• General office jobs: Work is generally performed in an office environment in which there is not substantial exposure to adverse environmental conditions. Must have the ability to remain in a stationary position for extended periods of time. Must be able to operate basic office equipment including telephone, headset and computer. Incumbent must be able to lift basic office equipment up to 20 lbs.

US Only - Disclaimer

• To successfully perform this job, the individual must be able to perform each essential job responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential job responsibilities.

Job Type

• Individual Contributor

Australia/New Zealand Only - Advice/Non-Advice

• Non-Advice: This role is not authorised to provide financial product advice to retail customers in respect of General Insurance products. Financial product advice, means a statement or recommendation made to a retail customer with the intention of influencing their decision in considering a general insurance product.

Global Disclaimer

• The duties listed in this job description do not limit the assignment of work. They are not to be construed as a complete list of the duties normally to be performed in the position or those occasionally assigned outside an employee's normal duties. Our Group Code of Ethics and Conduct addresses the responsibilities we all have at QBE to our company, to each other and to our customers, suppliers, communities and governments. It provides clear guidance to help us to make good judgement calls.

Skills:

Adaptability, Business Continuity, Communication, Critical Thinking, Customer Service, Cybersecurity Risk Management, Digital Forensics, Forensic Investigations, Intentional collaboration, Malware Analysis, Managing performance, Process Improvements, Reporting and Analysis, Risk Management, Stakeholder Management

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.

Position Summary:

The Security Consultant will be responsible for maintaining the safety and integrity of the organization's or client's online systems and networks. This role includes proactive monitoring, implementation of security measures, and providing expert consultation on best practices and compliance requirements.

Required Certifications
(must be obtained prior to employment):

• Microsoft AZ-500 – Microsoft Certified: Azure Security Engineer Associate

• Microsoft SC-100 – Microsoft Cybersecurity Architect

Key Responsibilities:

• Deploy, configure, and administer Microsoft Entra ID and Microsoft 365 (M365) environments

• Conduct information security management reviews and Information Security Management System (ISMS) assessments

• Perform continual testing on current systems to identify potential vulnerabilities or security threats

• Ensure technical implementations are aligned with business processes and objectives

• Lead the design, implementation, operation, and maintenance of security management systems

• Participate in the creation, review, and updating of information security policies

• Provide complex technical advice, recommendations, and consulting on networks, infrastructure, and services

• Recommend and implement IT strategies, technologies, and policies to safeguard customer information and assets

• Advise on hacking tools, techniques, and advanced malware detection practices

• Formulate and support an IT security incident response strategy, including proper notification protocols

• Prepare security reports for internal and external stakeholders with clear recommendations and solutions

• Provide or support the development of implementation documentation

• Stay current on secure coding practices, cyber threats, and security trends

• Support compliance with regulatory, contractual, and client-specific security requirements

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)

• Proven experience in a security analyst or consultant role

• Strong knowledge of Microsoft Azure, M365, and Entra ID platforms

• Excellent communication and problem-solving skills

• Ability to work independently and collaboratively across departments and with clients

SUMMARY

• Position Shift: Monday to Friday, 8:00PM - 5:00AM PHT (8:00AM to 5:00PM EST)
• Location: Clark Freeport Zone, Pampanga, Philippines
• Position Type: Full Time Employee
• Salary: To be determined based on qualification associated with job role
• Work set-up: Temporary WFH for Cebu-based new hires (subject to change to Hybrid)

We're Hiring: Information Security Analyst – Incident Investigation

Location:
Cyber Security Operations Center

Reports To:
Cyber Security Incident Investigation and Threat Intel Manager

Division:
Cyber Security Investigation and Threat Intel

Are you passionate about uncovering the root cause of security incidents and leading investigations that make a real impact? Join our Cyber Security Operations Group as an Incident Investigation Analyst and help us strengthen our defenses against advanced threats.

What You'll Do

• Collect and analyze evidence or artifacts to determine root cause of incidents.
• Provide recommendations to improve the organization's security posture.
• Draft incident and threat intelligence reports.
• Coordinate with internal and external teams (HR, Legal, Compliance, Fraud, etc.).
• Assist the incident response team and stay updated on global security trends.

What You Bring

• Education:
  Graduate of IT or Engineering-related course (e.g., Computer Science, Computer Engineering, Physics, Mathematics, MIS, ECE).
• Experience:
  Minimum 4–8 years in cybersecurity, with at least 4 years of hands-on experience in incident investigation and threat intelligence.
• Skills:
• Incident response, digital forensics, malware analysis, and administrative investigation
• Advanced understanding of TCP/IP, UNIX/Linux and Windows OS
• Experience with security tools and frameworks (Splunk, Hadoop, ELK, YARA, etc.)
• Excellent communication, analytical, and leadership skills

What Sets You Apart

• Deep expertise in incident investigation and threat intelligence
• Ability to work under pressure and outside regular hours as needed
• Impeccable personal and professional integrity

What Success Looks Like

• Timely and thorough investigative and threat intel reports
• Enhanced detection and prevention capabilities
• Documented and scalable security processes

Why Join Us?

This is more than a job—it's a mission-critical role. You'll be part of a team that's shaping the future of cybersecurity, where your expertise directly protects our organization. If you're ready for a challenge and want to make a difference, we want you on our team.

Apply now and help us stay ahead of cyber threats.

Responsibilities:

• Actively monitor, detect, and respond to security alerts and incidents per defined SLA.
• Incidents are acknowledged and responded to within the agreed response SLO
• Perform alert triage and analysis including asset and custodian identification, reputational checking, and alert validation
• Perform containment and eradication within the agreed response SLO
• Ensures resolution of incidents within the defined SLOs
• Utilize IR toolsets such as ServiceNow, EAS, IPS, WAF, NAC, Firewall etc
• Timely submission of Operational Performance reports/dashboards/value reports for consumption of management

Qualifications:

• Bachelor's degree of Information Technology, Computer Science, Computer Engineering
• At least 1-2 years' work experience in Incident Response
• Knowledgeable in Security Monitoring and Service Management Tools