112 Security Architect jobs in the Philippines

Job Posting: Network Security Architect

Position Overview

We are seeking a highly skilled Network Security Architect to join our dynamic team. This role involves designing, implementing, and managing advanced security solutions in a fast-paced environment. The ideal candidate will have extensive hands-on experience with leading firewall and security technologies, along with a proven track record in architecting secure network infrastructures.

Key Details

• Location
  : BGC Taguig or Makati
• Shift
  : Night Shift/Shifting – Flexibility is required
• Work Setup
  : RTWO/Hybrid
• Experience Level
  : 10+ years
• Salary Range
  : PHP 130,000 – 200,000 (depending on experience)

Required Skills & Experience

• 8+ years in network security, including at least 3 years in a security architect role
• Hands-on expertise with Checkpoint Firewalls, Palo Alto Firewalls, Cisco ISE, Cloudflare WAF, Illumio Core, Proofpoint email security, Tufin SecureChange+, and Zscaler ZIA/ZPA/ZDX
• Deep knowledge of security fundamentals, including VPNs, IPS/IDS, SSL decryption, and network protocols (TCP/IP, BGP, OSPF)
• Proven ability to design, implement, and manage cybersecurity operations, incident response, and vulnerability management

Technical Expertise

• Advanced proficiency in Palo Alto firewall technologies (PA Series, Panorama, GlobalProtect) and Checkpoint firewalls
• Strong command of security policies, rule sets, NAT, App-ID, User-ID, Content-ID, and URL filtering
• In-depth experience with security policy development, firewall rule management, network segmentation, and access controls
• Expertise in cloud security best practices and integrating multi-vendor solutions in hybrid and cloud setups
• Familiarity with security automation and scripting to optimise processes

Secondary Skills

• Excellent communication and collaboration abilities
• Strong analytical and problem-solving skills
• Capability to thrive under pressure in a high-velocity setting
• Solid organisational skills with keen attention to detail
• Knowledge of compliance standards such as PCI-DSS, ISO 27001, HIPAA, GDPR, and NIST
• Availability for on-call incident response and security alerts as needed

Must-Have Qualifications

• Hands-on experience with the specified tools and technologies
• B.E./B.Tech/MCA degree with 6-10 years of relevant experience
• Palo Alto Networks Certified Network Security Engineer (PCNSE) is highly preferred
• Relevant certifications such as CISSP, CISM, CCIE Security, PCNSE, or equivalent
• Vendor-specific certifications from Checkpoint, Zscaler, Cisco, and Cloudflare are highly desirable

Good-to-Have

• Strong communication skills

Additional Requirements

• Must be willing to work in Taguig or Makati
• Preference for candidates with a stable employment history (no frequent short-term roles under 1 year)

Key Responsibilities

1. Configure, manage, and troubleshoot Palo Alto firewalls and related security solutions across data centres, cloud, and hybrid environments. Develop, implement, and refine security policies to ensure consistent enforcement.
2. Lead investigations into complex firewall issues and performance challenges, leveraging deep technical expertise for resolution. Apply a comprehensive understanding of VPNs, IPS/IDS, SSL decryption, and protocols like TCP/IP, BGP, and OSPF.
3. Partner with network and security teams to align firewall configurations with broader network designs and security strategies. Handle firmware upgrades, patching, and capacity planning for firewalls. Collaborate with cross-functional groups, including network engineers, cloud architects, and SOC teams, for seamless integrations.
4. Demonstrate self-motivation, quick learning, and adaptability in a 24/7 operational environment. Participate in on-call rotations, manage critical incidents outside business hours, and apply ITIL principles for effective service management.

If you are a proactive security professional ready to drive robust network defences, apply now

Please share this job with your network. Thank you

Role:
Network Security Architect

Location:
Philippines

Required Skills:

• 8+ years of experience in network security with at least 3 years in security architect role
• Hands on experience with Checkpoint Firewalls, Palo Alto Firewalls, Cisco ISE, Cloudflare WAF, Illumio Core, Proofpoint email security, Tuffin Secure Change+, Zscaler ZIA/ZPA/ZDX.
• Deep understanding of security concepts, VPNs, IPS/IDS, SSL decryption, and network protocols (TCP/IP, BGP, OSPF).
• Proven expertise in designing, implementing, and managing Cyber Security Operations, incident response, and vulnerability management.

Technical Expertise:

• Expertise in Palo Alto firewall technologies (PA Series, Panorama, Global Protect) and checkpoint firewalls.
• Strong knowledge of security policies, rule sets, NAT, app-ID, user-ID, content-ID, and URL filtering.
• In-depth knowledge of security policy creation, firewall rule sets, network segmentation, and access controls.
• Proficiency in cloud security best practices and multi-vendor security solutions for hybrid and cloud environments.
• Familiarity with security automation and scripting for streamlining security processes.

Secondary Skills:

• Excellent communication and collaboration skills.
• Strong analytical thinking and problem-solving abilities.
• Ability to work under pressure and in a fast-paced environment.
• Strong organizational skills with attention to detail.
• Experience with compliance frameworks such as PCI-DSS, ISO 27001, HIPAA, GDPR and NIST
• Willingness to respond to on-call incidents and security alerts when necessary.

Must-Have:

• Must have hand on experience on above mentioned tools
• B.E/B.Tech/MCA with 6-10 years of experience.
• Palo Alto Networks Certified Network Security Engineer (PCNSE) is highly preferred.
• Relevant certifications such as CISSP, CISM, CCIE security, PCNSE or equivalent.
• Vendor specific certifications from checkpoint, Zscaler, cisco, and Cloudflare are highly desirable.

Good-to-Have:

• Good communication skills.

Responsibility of / Expectations from the Role:

• Configure, manage, and troubleshoot Palo Alto firewalls and security solutions across multiple environments (data centers, cloud, etc.).
• Develop, implement, and optimize security policies and procedures, ensuring they are properly applied and enforced.
• Configure, manage, and troubleshoot Palo Alto firewalls and security solutions across multiple environments (data centers, cloud, etc.).
• Develop, implement, and optimize security policies and procedures, ensuring they are properly applied and enforced.
• Lead the investigation of complex firewall issues and performance problems, applying deep technical knowledge to resolve incidents.
• Deep understanding of security concepts, VPNs, IPS/IDS, SSL decryption, and network protocols (TCP/IP, BGP, OSPF).
• Collaborate with the network and security teams to ensure the firewall configurations align with network design and overall security strategy
• Perform firmware upgrades, security patching, and capacity planning for Palo Alto firewalls.
• Work closely with cross-functional teams, including network engineers, cloud architects, and SOC teams, to ensure smooth integration of firewall solutions
• Self-motivated and quick learner and should be flexible in working 24*7 environment.
• Must be available for on-call rotations and able to handle critical incidents during non-business hours. Must have ITIL Understanding.

Required Technical Skill Set:

· years of experience in network security with at least 3 years in security architect role

Hands on experience with Checkpoint Firewalls, Palo Alto Firewalls, Cisco ISE, Cloudflare WAF, Illumio Core, Proofpoint email security, Tuffin Secure Change+, Zscaler ZIA/ZPA/ZDX.

Deep understanding of security concepts, VPNs, IPS/IDS, SSL decryption, and network protocols (TCP/IP, BGP, OSPF).

Proven expertise in designing, implementing, and managing Cyber Security Operations, incident response, and vulnerability management.

·   
Technical Expertise:

Expertise in Palo Alto firewall technologies (PA Series, Panorama, Global Protect) and checkpoint firewalls.

Strong knowledge of security policies, rule sets, NAT, app-ID, user-ID, content-ID, and URL filtering.

In-depth knowledge of security policy creation, firewall rule sets, network segmentation, and access controls.

Proficiency in cloud security best practices and multi-vendor security solutions for hybrid and cloud environments.

Familiarity with security automation and scripting for streamlining security processes.

·
Secondary Skills:

Excellent communication and collaboration skills.

Strong analytical thinking and problem-solving abilities.

Ability to work under pressure and in a fast-paced environment.

Strong organizational skills with attention to detail.

Experience with compliance frameworks such as PCI-DSS, ISO 27001, HIPAA, GDPR and NIST

Willingness to respond to on-call incidents and security alerts when necessary.

Summary

This role leads the design and implementation of enterprise cloud network security solutions, focusing on CASB and CNAPP technologies. The architect will manage Microsoft cloud security tools and contribute to the development of secure, scalable cloud environments.

Key Responsibilities:

• Design and implement cloud-native security architectures and CASB strategies.
• Manage and configure Microsoft Defender for Cloud Apps, CNAPP, and Microsoft Entra ID.
• Conduct security assessments and audits of cloud infrastructure.
• Develop and maintain cloud security policies, standards, and documentation.
• Collaborate with engineering teams to transition from hands-on implementation to strategic architecture.

Must-Have Skills & Experience:

• 3–5 years of hands-on experience in cloud network security engineering.
• Proven experience managing enterprise CASB and CNAPP solutions.
• Strong expertise in Microsoft cloud security technologies (Defender, Entra ID, CNAPP).
• Background in network security or cloud security engineering.
• Demonstrated experience in enterprise-level cloud security monitoring and solution deployment.

Preferred Qualifications:

• 10 years of overall experience in IT/security (flexible for candidates with strong cloud security engineering background).
• Experience with Palo Alto Prisma or Vectra AI.
• Familiarity with Zscaler is a plus.
• Strong problem-solving and communication skills.

Job Description

The Security Architect must gain understanding of the organization's technology and information systems, and define the architectural description, embed security-by-design requirements and controls to the IT infrastructure, software, processes and operations.

Roles and Responsibilities

• Plan, research, and design flexible and robust security architectures for all bank projects and initiatives, detailing security controls and protection mechanisms.
• Partner with Solutions Architects, domain architects, business, and product teams to integrate security seamlessly into solution designs.
• Perform security design reviews, lead threat modeling exercises, identify security architecture gaps, and develop actionable security risk management plans.
• Continuously review current system security across IT infrastructure, networks, APIs, and software applications, recommending and implementing strategic enhancements.
• Conduct thorough technical design studies, reviews, and evaluations of applications prior to deployment to ensure security requirements are met.
• Evaluate security architecture and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
• Research on the latest security standards and ensures that acquired or developed systems and architecture are consistent with cybersecurity architecture standards
• Perform other duties that are required of and related to the core functions of a Security Architect.

Qualifications

• Graduate of a bachelor's degree
• Experience in a wide range of security technologies, cloud platforms, API, and DevSecOps
• Demonstrated experience (at least 2-5 years) in security design and architecting, security engineering, with strong background (and proven record) in designing, implementing, and integrating security solutions and technologies. With a minimum of 2-3years in a leadership or senior role.
• Proficient in security and network infrastructure, design and operations, software development security practices (i.e., OWASP), API-design, microservices, vulnerability management, penetration testing, and threat modeling
• Proficient in full lifecycle secure system development, from concept to implementation and support
• Preferred certifications: CISSP, CISM, CCSP, Cloud-related certifications, and other IT and risk related certifications
• Proficient in information security, cybersecurity and data privacy principles and standards (NIST, CIS Controls, ISO 27001:2013, PCI DSS v. 3.2, and similar standards)
• Strong leadership and ability to motivate a team and work independently with peers across various levels of management, and multiple priorities in a fast-paced and dynamic environment.
• Analytical/Critical thinking and problem-solving skills with strong attention to accuracy and detail
• Effective written and oral communication skills for engaging with senior stakeholders and cross-functional teams

工作职责

设计和实施云安全架构,确保云平台(AWS、华为云、阿里云等)以及本地数据中心上的应用和数据资源安全

参与设计与实施云平台的安全控制,如身份与访问管理、数据加密、防火墙和安全组等

安全监控与安全事件响应

构建云安全监控管理平台,使用工具(如 AWS CloudTrail、CloudWatch、GuardDuty、蜜罐等)监控云环境的安全事件和异常行为

支持 DevSecOps 文化,将安全嵌入到持续集成/持续交付(CI/CD)管道中

跟踪云安全领域的最新威胁与趋势,确保云架构始终符合最新的安全要求。

工作要求:

至少 5 年以上在云安全领域的工作经验,3 年以上的云安全架构设计经验。

深入了解 AWS、华为云 或阿里云等主要云平台的安全服务和功能。

精通云安全架构设计,熟悉安全控制、风险评估、合规要求、漏洞扫描、身份管理等领域。

熟悉 AWS IAM、AWS KMS、AWS Shield、AWS WAF、AWS GuardDuty 等 AWS 安全服务

精通网络安全技术,能够设计和实施 VPC、子网、NACL、安全组等网络安全控制

熟悉容器和 Kubernetes 安全,了解如何在云环境中保护容器和微服务架构

精通常见的攻击如SQL注入、XSS攻击、CC攻击、反弹shell的原理以及防御方式

加分项:

AWS Certified Security - Specialty 或相关云安全认证(如 Certified Information Systems Security Professional (CISSP))。

具备安全事件的实战经验,如系统被入侵、数据泄露等事件的处理经验

熟悉 DevSecOps 和 CI/CD 流程中的安全集成。

有在金融、互联网或其他高合规性行业工作的经验。"

The Security Architect is responsible for establishing enterprise-level security architecture following industry best standards and practices for application, infrastructure, and architecture security on both cloud and on-premises environments based on emerging cybersecurity trends and threats.

Development of security control requirements to ensure security-related information for external interfaces, information being exchanged across the interfaces, and protection mechanisms associated with each interface.

• Develop and design a security architecture, primarily on cloud and application security designs that fit into the business requirements and objectives, conform with regulatory requirements, and balance the implementation of appropriate countermeasures against the corresponding risks to the Bank's information.
• Act as a liaison between business and technology from a security perspective. Collaborate with solution architects, software developers, security analysts, and other relevant stakeholders to ensure sufficient and appropriate security requirements are in place throughout the whole project development and lifecycle.
• Contribute in designing, establishing, and implementing security policies, technical security standards, and procedures that ensure alignment with the Bank's security framework for maintaining a robust secure environment.
• Continuously analyze and assess the security architecture and security capabilities of the Bank against emerging threats to continuously improve the security posture and the Bank's ability to adapt and ensure effectiveness of its security measures against the industry threat landscape.
• Participate in conducting security awareness initiatives by providing guidance and training to employees on security best practices, policies, and procedures.
• Identify and provide recommendations for security assessments to identify potential risks and vulnerabilities in projects, change requests, and ad-hoc engagements.

We are seeking an experienced and visionary
Enterprise Security Architect
to join our team at
Executive Operations
. In this strategic role, you will be responsible for designing, implementing, and maintaining the enterprise-wide security architecture that safeguards our critical systems, applications, and data. You will collaborate closely with executives, IT, and security teams to align security strategies with business objectives while ensuring compliance with industry standards and regulatory requirements. The ideal candidate will possess deep expertise in security frameworks, cloud and enterprise architecture, and advanced threat mitigation.

Security Architecture & Design

• Develop and maintain the enterprise security architecture, ensuring alignment with business goals and IT strategy.
• Design secure solutions for applications, infrastructure, cloud platforms (AWS, Azure, GCP), and hybrid environments.
• Establish and enforce architectural standards, reference models, and best practices across the enterprise.

Risk & Compliance

• Conduct threat modeling and risk assessments to identify potential vulnerabilities and define mitigation strategies.
• Ensure security programs comply with frameworks and regulations such as NIST, ISO 27001, GDPR, HIPAA, and SOC 2.
• Collaborate with compliance teams to prepare for audits and certification efforts.

Technology Leadership

• Evaluate, recommend, and implement advanced security technologies (e.g., IAM, PAM, SIEM, EDR, DLP, CASB).
• Lead the integration of security controls into enterprise systems, networks, and cloud services.
• Guide the adoption of Zero Trust architecture principles and security-by-design methodologies.

Collaboration & Governance

• Work with IT, DevOps, and business stakeholders to embed security into enterprise initiatives and digital transformation projects.
• Provide architectural oversight for security incident response and disaster recovery planning.
• Chair security architecture review boards and ensure governance processes are followed.

Mentorship & Innovation

• Mentor security engineers and architects, fostering professional growth and knowledge sharing.
• Stay ahead of emerging threats, attack vectors, and evolving technologies to continuously improve the security posture.

Requirements

Essential Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (Master's preferred).
• 7+ years of experience in information security, with at least 3 years in a security architect or equivalent role.
• Strong knowledge of enterprise architecture frameworks (e.g., TOGAF, SABSA) and security models.
• Proven expertise in designing secure architectures for cloud (AWS, Azure, GCP), on-premise, and hybrid environments.
• Deep understanding of network security, identity and access management, encryption, and application security.
• Experience with SIEM, SOAR, IDS/IPS, endpoint protection, and vulnerability management tools.
• Familiarity with DevSecOps practices, CI/CD security integration, and container security (Docker, Kubernetes).
• Certifications such as CISSP, CISM, SABSA, TOGAF, or AWS Certified Security Specialty are strongly preferred.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to balance strategic vision with hands-on execution.

Location:
BGC, Taguig City

Shift:
APAC

Setup:
Hybrid

Employment Type:
Full-time | Permanent | Direct Hire

As the
Security Architect for Network and Cloud
, you'll drive the design and implementation of the company's cloud network security framework. You will manage and optimize key cloud security tools, including CNAPP and CASB technologies, to ensure robust protection across all environments.

Key Responsibilities

• Design and implement secure, scalable cloud architectures and CASB strategies.
• Establish and maintain cloud security policies, standards, and best practices.
• Conduct security assessments and audits of cloud infrastructure and applications.
• Maintain documentation and ensure operational excellence of cloud network security tools.

What You Bring:

• Bachelor's degree in Computer Science or equivalent experience.
• Strong background in enterprise cloud security architecture and implementation.
• Hands-on experience with
  Microsoft Defender for Cloud Apps
  and
  Microsoft Defender for Cloud/Wiz, Orca, Cyscale, Ermetic.
• Proven experience deploying CASB and CNAPP solutions.
• Expertise in network security configuration (security groups, ACLs, load balancers).
• Solid understanding of
  Microsoft Entra ID
  and IAM solutions.
• Strong analytical, problem-solving, and communication skills.
• Knowledge of security frameworks and compliance standards.