265 Security Analyst jobs in the Philippines

The Security Analyst function protects the bank's information assets through continuous monitoring, incident response, threat detection, and control validation. It translates security policies into operational controls, manages vulnerabilities, performs threat hunting, and oversees attack surface management. The function also supports threat intelligence sharing and ensures alignment with regulatory requirements.

Duties and Responsibilities:

Monitoring & Detection

• Monitor dashboards for asset inventory, user behavior, and unauthorized changes.
• Triage SIEM alerts and follow established playbooks for escalation.

Policy & Documentation Support

• Assist in version control and review of infosec policies, procedures, and awareness materials.
  
  Maintain tracking for policy updates and training compliance.

Third-Party & Firewall Review

• Maintain onboarding checklist for outsourced providers using BSP outsourcing criteria.
• Track and verify firewall rule changes and coordinate reviews with infrastructure teams.

API, Cloud & System Logging

• Gather logs from APIs, cloud IAM systems, and backend services to support security investigations.
• Monitor cloud activity for signs of abnormal access or misconfiguration.

AppSec & KYC Support

• Perform baseline scans for lower-risk apps and assist in fixing findings with developers.
• Monitor onboarding and KYC behavior for fraud or identity anomalies.

Coordination & Reporting

• Coordinate interviews during incident investigations, gather audit evidence, and maintain compliance reports.
• Track patch statuses, configuration changes, and alert resolutions across teams. Other tasks as assigned by his/her immediate supervisor

Qualification:

• Bachelor's degree in Information Technology or Security, Cybersecurity, Computer Science, or equivalent.
• At Least 3  years in infrastructure/app security, ideally in fintech, banking, or SaaS environments.
• Proficient in AWS/GCP, Kubernetes, Terraform, CI/CD pipelines, network or network security, security operations, threat detection and hunting, and  vulnerability management.
• Hands-on with Burp Suite, SIEM/SOAR tools.
• Scripting skills (Python, Bash, Go) for automation and tooling is a plus.

Primary Details

Time Type: Full timeWorker Type: EmployeeThe role is to provide an effective and proactive response to cybersecurity-related events and incidents to protect QBE's assets and services.

In addition, the role will support business stakeholders in the event of a security incident, and support incident management and escalation processes to the appropriate incident management teams.

We are looking for Tier 1 level support that will investigate a diverse set of alerts. The role should adapt to any changes in security operations to comply with various business requirements.

Job Description

• Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc) to investigate suspicious events.

• Proactively monitor and respond to suspicious or true positive incidents across our security platforms.

• Perform initial incident analysis of various security alerts by analysing and investigating security-related logs harvested from various security signals.

• Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage.

• Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels.

• Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE.

• Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts.

• Perform ad-hoc tasks and completion of goals relating to ongoing projects and initiatives.

• Generating reports and providing insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.

Required knowledge and skills:

• Bachelor's degree in computer science, programming, or IT-related field. Fresh graduates are welcome to apply.

• The ability to work in a fast-paced and time-sensitive role.

• Be able to communicate effectively and update various stakeholders globally.

• Proactive, analytical, and able to solve complex investigations.

• Understanding of known threat actors, techniques, and procedures that modern attackers use to compromise organisations.

Advantage, but not required knowledge and skills:

• 1-3 years relevant security experience performing similar duties working in a Security Operation Centre, Cybersecurity, and other IT-related fields.

• Advanced training or certifications (e.g., ISC2, ISACA, SANS, Azure, etc.)

• Knowledge of security solutions and technologies like Windows, Linux, IPS/IDS, Firewalls, Email gateways, proxy technologies, cloud solutions, endpoints, and mobile devices.

• Be able to perform correlations and analytics with diverse types of logs, i.e., network, active directory, database, DNS, firewalls, proxies, host-based security, cloud, and applications logs.

Benefits in joining our team:

• Be part of a global team and enrich your cybersecurity technical skills from subject matter experts.

• Tailored professional development.

• Exclusive access to industry-leading training platforms.

• Opportunity to get firsthand experience across industry-leading security tools.

• We are a team that values diversity and inclusion.

QBE Cultural DNA

• Everything we do at QBE is underpinned by our DNA (which interlinks seven cultural elements) – because we know it's not just what we do that matters, it's how we do it that makes the difference. We expect all employees to role model and inspire the right behaviours that link to our cultural elements:
• We are customer-focused
• We are technical experts
• We are inclusive
• We are fast-paced
• We are courageous
• We are accountable
• We are a team
• All employees are expected to adhere to QBE's Code of Ethics and Conduct and apply sound risk management practices

US Only - Travel Frequency

• Infrequent (approximately 1-4 trips annually)

US Only - Physical Demands

• General office jobs: Work is generally performed in an office environment in which there is not substantial exposure to adverse environmental conditions. Must have the ability to remain in a stationary position for extended periods of time. Must be able to operate basic office equipment including telephone, headset and computer. Incumbent must be able to lift basic office equipment up to 20 lbs.

US Only - Disclaimer

• To successfully perform this job, the individual must be able to perform each essential job responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential job responsibilities.

Job Type

• Individual Contributor

Australia/New Zealand Only - Advice/Non-Advice

• Non-Advice: This role is not authorised to provide financial product advice to retail customers in respect of General Insurance products. Financial product advice, means a statement or recommendation made to a retail customer with the intention of influencing their decision in considering a general insurance product.

Global Disclaimer

• The duties listed in this job description do not limit the assignment of work. They are not to be construed as a complete list of the duties normally to be performed in the position or those occasionally assigned outside an employee's normal duties. Our Group Code of Ethics and Conduct addresses the responsibilities we all have at QBE to our company, to each other and to our customers, suppliers, communities and governments. It provides clear guidance to help us to make good judgement calls.

Skills:

Adaptability, Business Continuity, Communication, Critical Thinking, Customer Service, Cybersecurity Risk Management, Digital Forensics, Forensic Investigations, Intentional collaboration, Malware Analysis, Managing performance, Process Improvements, Reporting and Analysis, Risk Management, Stakeholder Management

How to Apply:

To submit your application, click "Apply" and follow the step by step process.

Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.

Cyber Security Analyst
Location:
Remote / Flexible (with overlap to US CST)

Department:
Security Operations

Schedule:
Monday–Friday, 8:00 AM–5:00 PM US CST (flexibility +/- 3 hours)

Salary: PHP
80,000 to 95,000/mo (paid bimonthly)

About The Role
As a
Cyber Security Analyst,
you will play a key role in supporting our Incident Response and

Security Operations programs, ensuring the safety and integrity of both the company and our clients'

systems. You will be responsible for monitoring, identifying, and investigating security events,

responding to incidents in a timely and structured manner, and escalating issues as needed. This

role requires strong analytical skills, attention to detail, and a passion for staying ahead of emerging

cybersecurity threats.

Key Responsibilities

• Develop an understanding of Marco's information systems, managed technology

solutions, and security architecture.

• Monitor security solutions, tickets, and communication channels to identify and triage

potential threats.

• Respond promptly to escalated incidents, perform investigations, and provide thorough

post-event analyses.

• Collaborate with clients, internal teams, vendors, and legal stakeholders to manage and

resolve security threats.

• Stay updated on the latest threat intelligence, security breaches, malware, and regulatory

changes.

• Continuously tune, manage, and evaluate security solutions for effectiveness.
• Follow the company's incident response plan and maintain proficiency with the NIST

Cybersecurity Framework (CSF).

• Document investigations, maintain accurate records, and comply with administrative

procedures.

• Participate in on-call rotation and provide after-hours support when required.
• Attend team and company meetings and contribute to daily security management tasks.
• Perform additional duties as assigned in line with company policies.

Qualifications

• Associate degree in Computer Science, Cybersecurity, Information Security, or related field

preferred.

• 1+ years in information technology, cybersecurity, or related experience (or equivalent

combination of education and experience).

• Certifications (preferred): Security+, CISSP, CISA, CEH, GSOC, or equivalent incident

response/forensics certifications.

• Understanding of IT service management and security operations concepts.
• Knowledge of common security products (firewalls, EDR, SIEM, network security, PIM/PAM

solutions).

• Proficiency with Microsoft Office and business collaboration tools.
• Strong organizational and time management skills with attention to detail.
• Excellent verbal and written communication skills across technical and non-technical

audiences.

• Self-motivated, proactive, and able to work independently with minimal supervision.
• Integrity, professionalism, and commitment to organizational values.
• Dedication to continuous improvement and delivering high-quality results.

Position Summary:

The Security Consultant will be responsible for maintaining the safety and integrity of the organization's or client's online systems and networks. This role includes proactive monitoring, implementation of security measures, and providing expert consultation on best practices and compliance requirements.

Required Certifications
(must be obtained prior to employment):

• Microsoft AZ-500 – Microsoft Certified: Azure Security Engineer Associate

• Microsoft SC-100 – Microsoft Cybersecurity Architect

Key Responsibilities:

• Deploy, configure, and administer Microsoft Entra ID and Microsoft 365 (M365) environments

• Conduct information security management reviews and Information Security Management System (ISMS) assessments

• Perform continual testing on current systems to identify potential vulnerabilities or security threats

• Ensure technical implementations are aligned with business processes and objectives

• Lead the design, implementation, operation, and maintenance of security management systems

• Participate in the creation, review, and updating of information security policies

• Provide complex technical advice, recommendations, and consulting on networks, infrastructure, and services

• Recommend and implement IT strategies, technologies, and policies to safeguard customer information and assets

• Advise on hacking tools, techniques, and advanced malware detection practices

• Formulate and support an IT security incident response strategy, including proper notification protocols

• Prepare security reports for internal and external stakeholders with clear recommendations and solutions

• Provide or support the development of implementation documentation

• Stay current on secure coding practices, cyber threats, and security trends

• Support compliance with regulatory, contractual, and client-specific security requirements

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field (or equivalent experience)

• Proven experience in a security analyst or consultant role

• Strong knowledge of Microsoft Azure, M365, and Entra ID platforms

• Excellent communication and problem-solving skills

• Ability to work independently and collaboratively across departments and with clients

SUMMARY

• Position Shift: Monday to Friday, 8:00PM - 5:00AM PHT (8:00AM to 5:00PM EST)
• Location: Clark Freeport Zone, Pampanga, Philippines
• Position Type: Full Time Employee
• Salary: To be determined based on qualification associated with job role
• Work set-up: Temporary WFH for Cebu-based new hires (subject to change to Hybrid)

We are seeking an L1 SOC Analyst to join our Security Operations Centre (SOC) team. The SOC Analyst will work on a shift basis and will be responsible for monitoring, analysing, and responding to security alerts and incidents to ensure the protection of our customers and company's assets, systems, and data.

The ideal candidate will have a strong interest in cybersecurity and a desire to learn and grow in the field.

Our mission is to provide the highest quality outsourced IT and Cyber Security services for our clients, with responsive and effective communication at the core of our operations. We maintain excellence in our services through the continuous enhancement of our expertise, processes, and strategic technology partnerships.

Key Responsibilities

• Monitor security alerts generated by various security tools and systems, including XDR, SIEM, endpoint protection, and firewall logs.
• Analyse and investigate security events and incidents to determine the root cause and potential impact.
• Perform vulnerability management analysis and reporting to proactively improve the posture of our customers environments.
• Perform security incident response activities, including containment, eradication, and recovery.
• Collaborate with other SOC team members to maintain and improve security operations processes and procedures.
• Maintain accurate and timely incident records in the company's incident management system.
• Participate in SOC training programs to develop skills and knowledge in the cyber security field.
• Work on a shift basis, including weekends and holidays, ensuring 24/7 coverage and response readiness.

Qualifications and interests

• Personal and/or professional experience in Computer Science, cyber security, or a related field.
• Well-rounded knowledge of security and able to work independently, identify and drive improvement and always strive for excellence.
• Experience in cyber security (lab based or professional) and/or IT operations.
• Familiarity and understanding of security technologies such as SIEM, IDS/IPS, endpoint protection, and firewalls.
• Knowledge of XDR and Security tooling such as CrowdStrike, Microsoft Defender, Azure Sentinel and Vulnerability management solutions.
• Knowledge of common attack techniques, vulnerabilities, and mitigation strategies.
• Strong analytical and problem-solving skills.
• Ability to work independently and as part of a team.
• Strong written and verbal communication skills including report writing.
• Fluent in British-English both written and verbally.
• Willingness to work on a shift basis, including weekends and holidays.

We offer a fantastic lifestyle-driven working environment, personal and professional training and development to assist in your growth in the cyber security field as well as mentorship from experience Cyber Security professionals.

Job Type: Full-time

Pay: Up to Php55,000.00 per month

Experience:

• Security Analyst: 2 years (Required)

Work Location: In person

• Salary:

₱60,000 - ₱81,000
- Location:

Manila
- Country:

Philippines
- Business Unit:

Technology
- Vacancy Type:

Permanent
- Closing Date:

8 November 2025

Beige Sales

Work setup: We operate in a hybrid work environment, and we encourage applicants who are open to working in the office two days a week to apply.

Work schedule: 15:00 to 23:00 Manila time, with flexibility during major incidents or to support shifting schedules.

Employment type: Permanent

Location: Makati City, Metro Manila

Pay range: We value transparency and want to ensure a good fit for both parties. We encourage applicants who are comfortable within the salary range of Php 60,000 to 81,000 to apply.

Discover a world of endless possibilities with Cambridge University Press & Assessment, a distinguished global academic publisher and assessment organisation proudly affiliated with the prestigious University of Cambridge.

We are looking for a Security Analyst to join our Global Security Operations Centre (SOC) in Manila. In this key role, you will monitor, investigate, and respond to security alerts while proactively strengthening defences to prevent future incidents. You will analyse SIEM logs, contribute to incident response, and provide guidance to junior analysts to ensure effective threat containment. Collaborating with global teams, you will help protect sensitive data, enhance operational resilience, and support the organisation's overall security maturity.

Why Cambridge?

Cambridge University Press & Assessment is a world-renowned not-for-profit academic publisher and assessment organisation, proudly part of the prestigious University of Cambridge. With a legacy rooted in over 800 years of educational excellence, we are dedicated to unlocking the potential of learners and educators across the globe.

Joining Cambridge's second largest global office in the Philippines —operating for over 22 years with 1,300+ colleagues— means becoming a part of an extraordinary institution renowned worldwide. We are recognised as a Great Place to Work for three consecutive years, reflecting our inclusive culture, strong sense of purpose, and commitment to the professional growth and well-being of our people. At Cambridge, we don't just publish books or deliver tests—we empower progress, inspire curiosity, and champion the pursuit of knowledge.

What can you get from Cambridge?

At Cambridge, you'll become a part of a vibrant and forward-thinking community that transcends tradition, fostering a culture of continuous growth and personal development. Here, we provide the right environment for you to thrive, supporting your professional journey and empowering you to reach your highest potential, that is why our pay philosophy is intricately tied to your skills and competencies, ensuring that your compensation aligns with the unique value you bring to the role you are applying for.

The organization offers a wide range of benefits and opportunities including:

• Regular Employment on Day 1
• HMO Coverage and Life Insurance on Day 1
• Paid Annual Leaves (Vacation, Well-being, Flexible, Holiday, and Volunteering leaves)
• Vesting/Retirement package
• Opportunities for career growth and development
• Access to well-being programs
• Flexible schedule, hybrid work arrangement and work-life balance
• Opportunity to collaborate with colleagues from diverse branches that will expand your horizons and enrich your understanding of different cultures

What will you do as a Security Analyst?

Reporting to the Security Operations Lead, you will help defend our network infrastructure against cyber threats.

Your responsibilities will include:

• Monitor system logs daily to detect unusual activity and perform proactive threat hunting to protect the business around the clock.
• Analyse and resolve incidents using established procedures, ensuring timely and accurate responses.
• Follow incident response processes for alerts such as malware, DDoS attacks, and data breaches, escalating when necessary.
• ProvideLevel 2 support for Security Operations, escalating to Level 3 when required.
• Assess and report security risks across networks, systems, and applications.
• Maintain and update documentation, processes, and procedures to keep them current and useful.
• Stay informed about new cybersecurity threats, technologies, and trends.

What makes you the ideal candidate for this role?

An ideal candidate has the following qualities:

Essential:

• Proven professional experience in IT or Security Operations (e.g., technical support or junior security analyst roles).
• Solid understanding of information security through hands-on experience and formal training.
• Practical knowledge of key security tools and technologies such as firewalls, IDS/IPS, DLP, endpoint security, data encryption, NAC, web/email filtering, penetration testing, forensics, and SIEM.
• Clear written and verbal communication skills, able to explain issues to both technical and non-technical audiences.
• The ability to stay calm and focused under pressure.

Desirable:

• Knowledge of security frameworks and standards like ISO 27001 and PCI DSS

Are you driven by desire to be part of a globally renowned institution that celebrates innovation, embraces inclusion, and empowers learners? Then, we invite you to Pursue your Potential with us.

Applications received through the system will be reviewed on a rolling basis and may close the vacancy once sufficient applications are received. Therefore, if you are interested, tailor-fit your CV (advantageous if you submit one with a Cover Letter) and submit as early as possible.

Job Summary

Monitor, investigate and analyze security alerts. Performs in-depth analysis of network traffic and logs, and manages incident response, often requiring advanced technical skills and a deep understanding of cybersecurity frameworks and tools like SIEM, EDR, MDR. Key responsibilities include advanced incident handling, root cause analysis, triage, contributing to detection improvements and staying updated on emerging threats.

Job Specifications:

Education and Experience Required

Graduate of any collegiate course preferably in the field of ICT

Work related experience of at least one (1) year as a Security Analyst.

Good understanding or hands-on experience on incident response, forensics, malware reverse engineering including threat intelligence and other areas of security is desired.

Knowledge on security technologies such as SIEM, MDR, XDR etc. is required.

Knowledge in Network Security controls such as Next Generation Firewalls

Willing to work on shifts.

Duties and Responsibilities:

Security Operation Center Monitoring: In-depth analysis of security logs, network traffic, and system events to identify malicious activity.

• Incident Triage & Investigation: Analyze and investigate security alerts, determining the nature and severity of threats.

• Incident Response & Containment: Handle security incidents and breaches, implementing measures to contain and mitigate risks.

• Malware Analysis & Forensics: Assist in performing malware analysis and forensic investigations when required.

• Detection & Policy Improvement: Recommend and implement improvements to detection rules, playbooks, and security policies.

• Threat Hunting: Assist in proactive search for and identify advanced threats using various tools and techniques.

• Tool Management & Optimization: Assist in the set-up and configuration of security tools like SIEM and EDR to improve their effectiveness.

• Reporting: Document security incidents and create detailed reports for management and other teams.

• Knowledge Development: Stay informed about the latest cybersecurity threats, attack techniques, and vulnerabilities.

• Coordination: Work with vendors and partners in the SOC services fulfillment and meeting the SLA

No matter who you are, Pax8 is a place you can call home. We are growing globally, and are now expanding across Australia, New Zealand and Asia.

Culture is important to us, and at Pax8, it's business, and it
IS
personal. We are passionate, creative, and humorously offbeat. We work hard, keep it fun, and expect the best.

We Elev8 each other. We Advoc8 for our partners. We Innov8 continuously. We Celebr8 life.

Overview:
Pax8 is the leading value-added cloud-based SaaS marketplace, simplifying the cloud journey for our partners by integrating technology, business intelligence, and proactive service to deliver an unparalleled experience. Serving thousands of partners through the indirect sales channel, our mission is to be the world's favorite marketplace for technology professionals to buy cloud products. We are a fast-growing, dynamic, and high-energy organization with a start-up feel, allowing you to make a meaningful impact on the business.
Culture is important to us, and at Pax8, it's business, and it IS personal. We embody
Compassionate Candour
by aiming to assist others with candid, actionable feedback. We
Seek to Understand
by being open, curious, and committed to learning. We believe in
We Before Me
, actively collaborating and seeking out diverse perspectives to ensure a win for Team Pax8. Our team takes pride in
Do What You Say
, taking ownership, honoring commitments, prioritizing, and delivering on promises. We encourage everyone to
Light Up Learning
by being brave and trying new ideas, embracing vulnerability, and sharing failures so everyone can learn. Finally, we are
Driven by Passion
, connecting personal passion to Pax8's mission, and remaining resilient in the face of adversity and uncertainty in pursuit of our goals.
At Pax8, we are passionate, creative, and humorously offbeat. We work hard, keep it fun, and expect the best.
Position Summary:
The Security Analyst at Pax8 is responsible for triaging and responding to cybersecurity events that occur throughout the day. This will involve analysis of events, incident escalation, and remediation particularly with users in compatible time zones. This role will also analyze and prioritize detected vulnerabilities, monitor threat intelligence and determine applicability to Pax8 and our Partners, configure and monitor SaaS security controls, and collaborate with the rest of the Security Operations team and our colleagues.

Essential Responsibilities and Percentage of Time Spent (includes, but is not limited to):

• Monitoring for reported incidents and automated alerts from our security tools. Triage and drive remediation efforts as necessary and clearly document findings.
• Perform forensic review of events and determine risk to Pax8 business operations.
• Assess security vulnerabilities in corporate and production systems, using both common scoring mechanisms and internal engineering context. Triage and prioritize for responsible teams.
• Help develop and monitor threat intelligence sources. Analyze threat intel data and provide unique analysis on applicability to Pax8's business and marketplace.
• Create and improve run books and automation capabilities across all SecOps areas.
• Compose written vulnerability and threat opinions for other Pax8 users and discuss in proper channels as needed.
• Generate metrics and data to support overall Trust and Security initiatives.
• Stay up to date on industry trends and best practices: Continuously learn and adapt the security program to address evolving threats.
• Collaborate with other departments and act as a liaison with IT, engineering, legal, data management office, HR, business leaders, and other departments to ensure security considerations are integrated into all business processes.

Ideal Skills, Experience, and Competencies:

• Three or more years of experience in a security-specific operations or engineering role.
• Experience supporting a SaaS security solution or enterprise browser environment including risk-based prioritization and control configuration.
• Other experience should include one or more of these areas: Vulnerability assessment and management, identity management, or threat intelligence activities.
• At least two years of experience in L2 or higher incident response, forensic analysis, remediation, and risk-based prioritization efforts including technical remediation in corporate enterprise environments.
• Operational experience in securing public cloud deployments such as AWS, Azure, or GCP either directly or through use of CSPM tooling is beneficial.
• Experience using a major SIEM product, including ability to construct ad-hoc searches and perform analysis in related tools.
• Experience in the Microsoft security suite of tools including Defender, Entra, Compliance Center, and Intune.
• Understanding of security best practices and frameworks.
• Excellent verbal and written communication, interpersonal, and collaboration skills will be a requirement.

Required Behaviors:

• Compassionate Candour—We aim to assist others with candid, actionable feedback.
• Seek to Understand—Be open, curious and committed to learning.
• We Before Me—Actively collaborate and seek out diverse perspectives to ensure a win for Team Pax8.
• Do What You Say—Take ownership and honor your commitments; prioritize and deliver.
• Light Up Learning—Be brave and try new ideas; be vulnerable and share your failures so everyone can learn from our mistakes.
• Driven by Passion—Connects personal passion to Pax8 mission, resilient in face of adversity and uncertainty in pursuit of mission.

Required Education & Certifications:

• B.A./B.S. in a related field or equivalent work experience.
• Security focused certifications such as CISSP, GIAC, CEH, CySA+ (optional, but desired).
• Cloud and cloud security-focused certifications related to AWS, Azure, and GCP (optional).

Work Environment:
Professional office environment. Routinely uses standard office equipment such as computers, phones, copy machines, printers, and filing cabinets. Remote and/or hybrid work at Pax8 requires all employees to have adequate, secure, and private internet service.

Physical Demands:
A sedentary role that primarily involves sitting/standing.

Travel Requirements:
Infrequent travel is expected of this position.

People Org Details
Reports to:
Sr. Director of Security Operations

Location:
Manila, Philippines

Position:
Full-time

Position Level:
Individual Contributor

Effective Date:
August 2025

About Us:
Pax8 is the leading value-added cloud-based SaaS marketplace, simplifying the cloud journey for our partners by integrating technology, business intelligence and proactive service to deliver an unparalleled experience. Serving thousands of partners through the indirect sales channel, our mission is to be the world's favourite place to buy cloud products.

Equal Opportunities
Pax8 is an equal opportunities employer and welcome individuals who are in possession of the appropriate requirements to work within the country the role is based in. Offered individuals will be asked to undertake identity, security compliance and reference checks. Your privacy is important to us. Your data will be held in accordance with Data Privacy best practices and processed only in accordance with our recruiting processes.

Job Applicant Privacy Notice

About us

blueAPACHE is an Australian owned award-winning Managed Service Provider, recognised for the 5th year running, as Mid-Market Partner of the Year at the ARN Innovation Awards.

We pride ourselves on being a genuinely great place to work, with a vibrant culture, clear vision, and strong leadership. When joining blueAPACHE, you are joining an organisation that is driven by our core values of employee and customer experience.

We are proud to be an equal opportunity employer and are committed to building a diverse and inclusive workplace where we embrace our individual talents, and our differences.

Goals:

As a Level 1 Security Analyst within a Managed Service Provider (MSP), you will be responsible for continuous monitoring, detection, and initial response to security incidents affecting multiple client environments.

This role requires working on a 24x7 roster to deliver timely, high-quality security operations support for diverse MSP customers. The analyst will collaborate closely with the MSP security team to maintain service level agreements (SLAs) and ensure client asset protection.

• Minimum 1-2 years' experience in a SOC or security analyst role, preferably within an MSP or other environment.
• Hands-on experience with SIEM tools (e.g., Rapid7 InsightIDR, Splunk, QRadar) and endpoint detection platforms.
• Familiarity with networking concepts, operating systems (Windows/Linux), and common security threats.
• Strong analytical and investigative skills with ability to handle multiple clients simultaneously.
• Excellent written and verbal communication skills for client interaction and documentation.
• Ability to work effectively in a 24x7 shift roster including off-hours and public holidays.
• Relevant certifications such as CompTIA Security+, Certified SOC Analyst (CSA), or equivalent is advantageous.

Working Conditions:

• 24x7 shift work in a fast-paced MSP security operations center.
• Handling multiple client environments and adhering to varied SLAs.
• Possible requirement for on-call or overtime during critical incidents.

Career Advancement:

• Advancement to higher-level security analyst and specialized information security roles occurs as skills and experience increase.

Responsibilities:

• Monitor security alerts and events from multiple client environments using SIEM, endpoint protection platforms, IDS/IPS, and other MSP security tools.
• Perform initial investigation and triage of potential security incidents; escalate to Level 2 analysts or relevant teams as per escalation protocols.
• Maintain detailed documentation of incidents, actions taken, and resolutions in MSP ticketing systems.
• Support incident response activities including containment, root cause analysis, and remediation coordination across client environments.
• Communicate clearly with internal teams and clients regarding incident status, follow-up actions, and security recommendations.
• Assist in onboarding new clients' security monitoring and alert tuning.
• Follow MSP security policies, procedures, and compliance requirements to ensure consistent service delivery.
• Participate actively in a 24x7 rotating roster including nights, weekends, and public holidays to maintain continuous security monitoring.

blueAPACHE continues to grow alongside some of Australia's leading midmarket businesses, our valued clients. We continue to stay abreast of current technologies to maintain our competitive advantage, offering the opportunity to continually expand your technical expertise and provide an uncompressing offering to our clients. We recognise our people are our most significant differentiator.

• We offer options for you to interview virtually.
• blueAPACHE offers an environment to make a real difference, develop careers within a supportive and rewarding environment.
• Flexibility to work the way that aligns with our values of employee and customer experience, including hybrid/work from home model.
• Regular social events and an awesome culture – work with a team of experts in their field.
• Ongoing training and development including paid certifications.
• Quality hardware and laptop provided.
• Employee referral programs - once you are in and you are loving it - you can refer a friend and get paid for it

*** Please note, all offers of employment at blueAPACHE are subject to National Police Checking Service.