485 Security Engineer jobs in the Philippines

Experience Level: 5+ years

We are seeking a highly skilled Information Security Engineer to lead the development and implementation of robust security controls across our cloud, application, and enterprise environments. This individual will drive secure SDLC practices, lead threat modeling, manage detection and response capabilities, and strengthen security for cloud and Microsoft 365 platforms. The ideal candidate is a hands-on security expert with a broad technical background, deep problem-solving abilities, and a proactive mindset.

Key Responsibilities

1. Application & Cloud Security

• Implement secure SDLC initiatives by integrating security into design, development, and deployment workflows.

• Conduct threat modeling for both applications and infrastructure to identify and mitigate risks early in the lifecycle.

• Secure cloud platforms, including identity controls, configuration hardening, and policy enforcement.

• Assess and secure financial web applications hosted in AWS through code reviews, penetration testing coordination, and architecture reviews.

2. Security Platform Operations

• Operate and monitor key security platforms such as:

• EDR/XDR solutions

• DLP solutions across endpoints, cloud, and email

• Email Security Solutions

• Ensure proper tuning, coverage, and integration of security tools with enterprise IT systems and logging pipelines.

3. Security Monitoring & Response

• Participate in day-to-day security monitoring using SIEM, EDR/XDR, and other detection platforms to augment the SOC team when required.

• Assist in configuring and tuning monitoring tools for optimal detection coverage.

• Collaborate with different teams to investigate security alerts and incidents.

• Support incident response activities, including triage, containment, and remediation efforts.

• Contribute to post-incident reviews and continuous improvement of detection and response processes.

4. Threat & Vulnerability Management

• Implement and coordinate the identification, triage, and remediation of vulnerabilities across cloud, endpoints, and infrastructure.

• Support ongoing patch management strategy, vulnerability scanning, and threat intelligence correlation.

5. Endpoint & Infrastructure Hardening

• Implement and enforce hardened configurations for endpoints (Windows/Linux), servers, and network appliances.

• Align baseline configurations with CIS benchmarks and industry best practices.

6. Detection Engineering

• Understand, implement, and tune detection rules and logic in SIEM/XDR platforms for proactive threat identification.

• Collaborate with different colleagues to improve alert fidelity, reduce false positives, and create meaningful security detections.

7. Business Continuity & Risk

• Contribute to BCP/DR planning and implementation with a security-first approach.

• Collaborate with stakeholders to ensure critical business processes remain secure and resilient.

Qualifications

• 5+ years of progressive experience in information security roles, preferably with exposure across application, cloud, and infrastructure domains.
• Bachelor's Degree in Computer Science, Information Technology, Software Engineering, Computer Engineering, Electronics Engineering, or related field.
• Experience in managing and securing cloud platforms.
• Hands-on experience with security tools including EDR, DLP, email security, vulnerability scanners, and SIEM.
• Working knowledge of secure SDLC practices, application security testing, and DevSecOps integration.
• Experience with identity and access management (IAM), conditional access, and zero trust architecture.
• Intermediate background in detection engineering, incident response, and threat modeling methodologies (STRIDE, MITRE ATT&CK, etc.).
• Familiarity with regulatory and compliance standards (e.g., NIST, ISO 27001, GDPR, SOC 2, PCI-DSS).
• Excellent communication and collaboration skills; ability to work across technical and non-technical teams.

By applying to this job, you are permitting our organization to use your personal data solely for recruitment purposes. This data may be shared with third-party services to streamline the processing of your application and with our parent company, ETS London, for recruitment assessment and interview purposes.

We are committed to protecting and respecting your privacy. For more information on how we collect, use, store, and protect your personal data, please read our Privacy Notice or contact our

Data Protection Officer

Job Summary:

The Information Security Engineer is responsible for protecting the organization's enterprise information systems, business applications, data assets and people by identifying and mitigating security risks. This role involves conducting comprehensive risk assessments, coordinates with SBU POC leads regarding incident response and remediation eAorts, administering security tools, monitoring networks for security breaches, and ensuring compliance with regulations such as DPA of 2012 and ALI Group company policies. Roles maintains functional accountability to ALI Group Information Security OAicer while maintaining an administrative reporting line to the ALH IT Director.

Duties & Responsibilities:

Security Monitoring and Incident Response

• Monitor the organization's data, IT infrastructure, and systems for security breaches and investigate any violations

• Lead the incident response to potential security incidents by providing detailed analysis, collaborating with various cybersecurity incident response teams, and recommending remediation actions

• Conduct root cause analysis and prepare comprehensive incident reports.

Vulnerability Management

• Perform regular vulnerability assessments and penetration testing to identify security gaps.

• Collaborate with IT teams to remediate identified vulnerabilities.

• Track and report on the status of vulnerabilities and remediation eAorts. Security Policies and Procedures

• Work with the ALI Group Information Security OAicer and CIO on the implementation of security policies, procedures, and guidelines.

• Ensure the implementation of policies and procedures are aligned with business objectives. Ensure compliance with relevant standards and regulatory requirements. Conduct regular reviews and updates of security policies for relevance to ALH business.

Security Awareness and Training

• Develop and deliver security awareness training programs for employees.

• Promote a culture of security awareness within the organization.

• Provide guidance and training on security best practices.

Compliance and Risk Management

• Ensure compliance with relevant laws, regulations, and industry standards (e.g., DPA 2012, GDPR, PCI-DSS).

• Conduct risk assessments and provide recommendations to mitigate identified risks.

• Maintain documentation for compliance audits and assessments.

Collaboration and Communication

• Work closely with IT and other business units to ensure security measures are integrated into all aspects of the organization's operations.

• Communicate security issues and recommendations to senior management and stakeholders.

Security Management and Implementation

• Plan, implement, manage, monitor, and upgrade security measures for the protection of the organization's data, systems, and networks.

• Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls.

Qualifications:

• Bachelor's degree in computer science, Information Technology, Engineering, Cybersecurity, or a related field.
• Relevant certifications (e.g., CompTIA Security+, CEH, CIS, ISACA certifications) are a plus.
• 5-7 years of experience in information security or a related field.
• Proficiency with security tools and technologies such as firewalls, IDS/IPS, SIEM, and antivirus software.
• Good understanding of risk management framework, methodologies and mitigation strategies.
• Good appreciation and knowledge of network security, application security, and data privacy & protection principles.  Strong analytical and problem-solving skills.
• Good appreciation and understanding of the security triad – CIA (Confidentiality, Integrity and Availability)
• Ability to learn quickly and adapt to new technologies and processes.
• Detail-oriented with a proactive approach to identifying and addressing security risks.
• Ability to coordinate with diAerent business units and stakeholders for incident response and remediation eAorts.
• Good communication skills
• Good project management skills

Information Security Engineer III

Experience Level:
 5+ years

About the Role

We're looking for a highly skilled 
Information Security Engineer
 to strengthen and scale security across our cloud, application, and enterprise environments. In this role, you'll:

• Lead secure SDLC practices and embed security into every stage of the development lifecycle.
• Drive threat modeling, vulnerability management, and detection engineering.
• Operate and optimize key security platforms (EDR, DLP, SIEM, Email Security).
• Strengthen cloud and Microsoft 365 security, while ensuring enterprise resilience.

Key Responsibilities

Application & Cloud Security

• Integrate security into design, development, and deployment workflows.
• Conduct threat modeling and architecture reviews.
• Secure cloud platforms (AWS, Azure, Microsoft 365) through identity controls, hardening, and policy enforcement.

Security Platform Operations

• Operate and monitor EDR/XDR, DLP, SIEM, and email security platforms.
• Ensure tools are tuned, integrated, and delivering actionable insights.

Security Monitoring & Response

• Support day-to-day monitoring and incident investigations.
• Lead triage, containment, and remediation of threats.
• Contribute to detection tuning, post-incident reviews, and process improvements.

Threat & Vulnerability Management

• Identify, assess, and remediate vulnerabilities across endpoints, infrastructure, and cloud.
• Support patching strategy, scanning, and threat intel correlation.

Endpoint & Infrastructure Hardening

• Implement secure configurations for Windows/Linux endpoints, servers, and network appliances.
• Align with CIS benchmarks and industry best practices.

Detection Engineering & Risk Management

• Build and tune detection logic in SIEM/XDR platforms.
• Collaborate across teams to reduce false positives and improve fidelity.
• Contribute to business continuity and disaster recovery planning.

Qualifications

• 5+ years of progressive experience in information security (application, cloud, infrastructure).
• Strong experience managing and securing 
  cloud platforms
   (AWS, Azure, Microsoft 365).
• Hands-on expertise with 
  security tools
  : EDR/XDR, DLP, SIEM, email security, vulnerability scanners.
• Knowledge of 
  secure SDLC, application security testing, DevSecOps
   practices.
• Familiar with 
  IAM, zero trust, and conditional access
   frameworks.
• Exposure to 
  threat modeling methodologies
   (STRIDE, MITRE ATT&CK).
• Understanding of 
  compliance standards
   (NIST, ISO 27001, GDPR, SOC 2, PCI-DSS).

Why Join Us?

• Work on 
  high-impact security initiatives
   that safeguard financial systems worldwide.
• Grow with us through 
  certifications, training, and clear career pathways
  .
• Collaborate with 
  smart, driven colleagues
   solving complex security challenges.
• Thrive in a 
  hybrid setup
   (2x per month onsite) with a focus on trust and flexibility.
• Be part of a 
  Great Place to Work-certified company
   that values people, not just output.

Note on Data Privacy

By applying, you consent to the use of your personal data for recruitment purposes. Data may be shared with third-party services and our parent company, ETS London, for recruitment and assessment. For questions, contact our 
DPO at 
.

• Azure Infrastructure & Security: NSGs, Routing, Peering, Private Endpoints, Firewalls, WAFs, Sentinel
• Networking: Cisco, FortiGate, VPN, Hybrid Connectivity, Network Security
• IAM & PAM: Azure AD, Conditional Access, RBAC, Azure PIM, CyberArk, BeyondTrust
• Automation & Scripting: PowerShell, Infrastructure as Code (IaC)
• Virtualisation: VMware, Hyper-V
• Security Standards & Compliance: Essential 8, NIST, SOCI
• SIEM & Log Management: Azure Sentinel, Security log ingestion

Let's be #BrilliantTogether

Overview
The role's primary focus is protecting the Firm's information security interests, leveraging advanced security tools and applications. As part of the Information Security Office (ISO), this role will work closely with technology functions to identify areas of improvement and supporting initiatives to promote information security within the organization.

Responsibilities

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.
• Troubleshooting Security and network related problems.
• Responding to all system and/or network security issues.
• Ensuring the organization's data and infrastructure are protected by enabling the appropriate security controls.
• Participating in the change management process.
• Testing and identifying network and/or system security vulnerabilities.
• Evaluating the organization's security requirements and establishing best practices and standard accordingly.
• Daily administrative tasks, reporting, and communication with the relevant stakeholders in the organization.

Required Qualifications- Bachelor's degree in information technology or a related IT course.
- At least 4–6 years of experience in Security Engineering, including establishing and monitoring information security controls.
- Minimum of 4 years of hands-on experience with at least 1 or more of the following security tools and technologies:

• Zscaler Cloud Security
• Microsoft Sentinel
• Microsoft Defender Suites (Identity, Endpoint, Security, Cloud, etc.)
• CyberArk Privileged Access Management (PAM)
• Tenable Vulnerability Management
• Physical Security
• Excellent verbal and written communication skills, with the ability to coordinate effectively with vendors and global teams. Proven and strong technical writing capability – candidates should be prepared to provide and/or discuss writing samples.
• Strong administrative capabilities in task development, time management, and resource allocation to meet target deadlines.
• Demonstrated troubleshooting, follow-through, and critical-thinking skills.
• High level of risk intelligence and security awareness.
• Relevant vendor and/or vendor neutral certification(s) such as Microsoft Security Operations Analyst (SC-200), Microsoft Cybersecurity Architect (SC-100), CyberArk Trustee / CyberArk Defender / CyberArk Sentry / CyberArk Guardian, Zscaler Digital Transformation Administrator (ZDTA) / Zscaler Digital Transformation Engineer (ZDTE), CASP+, ISC2 SSCP.

Work Shift and Arrangement

• Embrace a dynamic work environment to work on a mid-shift (2:00PM-11:00PM PHT) or graveyard shift (11:00PM-8:00AM PHT).
• On-call rotation participation.
• Amenable to go on a hybrid working arrangement (at least 3 days work onsite per week) and work in Makati City.

What You Can Expect From Us
At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally.

Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success.

Let's empower, collaborate, and inspire.

Let's be #BrilliantTogether.

About ISS STOXX
ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit.

Visit our website:

View additional open roles:

Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.

Job description:

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.

What You'll Do

• Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
• Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
• Simulate real-world attacks and design potential attack paths.
• Test and analyze security controls like WAFs, rate limits, and authentication systems.
• Document findings clearly to help engineers fix issues quickly.
• Explore edge cases and scenarios often missed by automated tools.

What We're Looking For

• Proven experience in penetration testing of web apps and APIs.
• Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
• Expertise in AuthN/AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
• Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
• Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python/Bash).
• Ability to think like an attacker and uncover hidden risks.

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.

What You'll Do

• Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
• Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
• Simulate real-world attacks and design potential attack paths.
• Test and analyze security controls like WAFs, rate limits, and authentication systems.
• Document findings clearly to help engineers fix issues quickly.
• Explore edge cases and scenarios often missed by automated tools.

What We're Looking For

• Proven experience in penetration testing of web apps and APIs.
• Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
• Expertise in AuthN/AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
• Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
• Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python/Bash).
• Ability to think like an attacker and uncover hidden risks.

Join us and enjoy benefits designed to help you thrive:

• Flexible hybrid work setup (1-2 days/month onsite reporting)
• IT Equipment provided
• HMO coverage starting from Day 1 for you and FOUR FREE dependents
• Attractive retirement package with company matching
• Life and Accident Insurance starting Day 1
• 24 Annual PTOs, additional 6 once you reach your 5th year with us
• Competitive benefits with annual merit increase and incentives
• Continuous improvement for our employees (workshops, certification programs, learning sessions, etc.)

The Security Engineer I will perform tasks centered on network environments and will be part of SOC team, building experience while leveraging the team's expertise to accelerate learning and understanding of the SOC and Information Security. The role will protect IT infrastructure from a range of cyber threats. Monitor networks and systems, detect security threats ('events'), analyze and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity.

• Monitor and respond to security alerts generated by technologies such as SIEM, IDS, EDR or security reports sent directly to the information security mailboxes within a given SLA
• Performing triage, in-depth analysis and investigation as guided by processes and playbooks
• Assist with incident response and post incident reviews
• Respond to security related service requests
• Conduct security investigations using historical data
• Conduct investigations with a wide range of data sets across multiple customer environments
• Develop and maintain a strong relationship with the client, IT and Information Security teams.

Requirements

• Bachelor's Degree holder
• Excellent communication skills
• Ability to work on a shift rotation, including working regular weekends and nightshifts
• a passion for cyber security and a keen interest in IT
• an understanding of the cyber security risks associated with various technologies and ways to manage them
• a good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
• analytical and problem-solving skills to identify and assess risks, threats, patterns and trends
• verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
• written communication skills, for example to write technical reports
• excellent attention to detail

A leading financial institution is seeking a Security Engineer (SIEM) to join their expert cybersecurity team in Taguig.

This is an exceptional opportunity for you to play a pivotal role in safeguarding digital assets, ensuring robust threat detection, and supporting the continuous evolution of security monitoring capabilities. The organisation offers a collaborative environment where your technical expertise will be valued, and your contributions will directly impact the safety and resilience of critical systems. You will benefit from flexible working opportunities, access to ongoing training, and the chance to work alongside knowledgeable professionals who are committed to nurturing talent and fostering professional growth. If you are passionate about defending against cyber threats and eager to make a meaningful difference within a supportive network, this position provides the perfect platform for your next career move.

• Join a highly skilled cybersecurity team dedicated to protecting vital digital infrastructure and responding proactively to emerging threats across the organisation.
• Enjoy flexible working opportunities, comprehensive training programmes, and the support of experienced colleagues who value knowledge sharing and professional development.
• Contribute directly to the enhancement of security operations by leveraging advanced SIEM technologies, collaborating with cross-functional teams, and participating in continuous improvement initiatives.

What You'll Do
As a Security Engineer Security (SIEM), you will immerse yourself in hands-on cybersecurity operations that are essential for real-time threat detection and rapid incident response. Your day-to-day responsibilities will involve administering sophisticated SIEM solutions, optimising detection rules, conducting forensic investigations when necessary, and integrating up-to-date threat intelligence into monitoring workflows. You will collaborate with cross-functional teams to ensure that incident handling is seamlessly embedded throughout the organisation's operations. In addition to supporting both defensive strategies—such as managing firewalls or endpoint protections—and offensive measures like penetration testing simulations, you will also contribute significantly to developing standardised playbooks for incident response. By continuously refining these procedures based on lessons learned from actual events, you will help drive improvements in overall security posture. Your ability to communicate findings clearly with stakeholders ensures that everyone remains informed about current threats while aligning security efforts with broader organisational objectives.

• Detect, escalate, and remediate cybersecurity incidents efficiently while ensuring minimal disruption to business operations through effective incident management processes.
• Conduct thorough investigations into security events, perform root cause analyses, and participate in post-incident reviews to strengthen organisational defences.
• Collaborate closely with various internal teams to ensure seamless integration of incident handling procedures across all operational areas.
• Perform forensic analysis and malware investigations as required to uncover the source and impact of security breaches.
• Engage in proactive threat hunting activities to identify anomalies, suspicious behaviours, and potential breaches before they escalate into significant incidents.
• Analyse new threats, vulnerabilities, and attack vectors in order to anticipate risks and adapt security measures accordingly.
• Integrate actionable threat intelligence into SIEM rulesets and workflows within the Security Operations Centre (SOC) environment.
• Support both defensive measures such as firewall rule management, endpoint protection strategies, patching protocols as well as offensive techniques like penetration testing and simulation exercises.
• Operate, maintain, and optimise SIEM platforms along with other SOC technologies to ensure high availability, accuracy, and effectiveness of security monitoring tools.
• Develop and refine incident response playbooks for various attack scenarios while maintaining clear documentation of SOC activities, incidents, and processes.

What You Bring
To excel as a Security Engineer (SIEM), you will bring substantial hands-on experience from previous roles focused on security operations centres or similar environments. Your academic background should include at least a bachelor's degree in computer science or related fields complemented by industry-recognised certifications that demonstrate your commitment to professional excellence. You have developed deep familiarity with SIEM technologies alongside other core security tools such as IDS/IPS systems firewalls antivirus solutions enabling you to monitor detect analyse respond swiftly to evolving threats. Your approach combines rigorous analytical thinking with strong interpersonal skills allowing you to work collaboratively across departments while communicating complex technical issues clearly. Experience conducting forensic investigations root cause analyses post-incident reviews further enhances your ability to protect organisational assets proactively. If you have previously supported or mentored less experienced colleagues your nurturing attitude will be welcomed within this inclusive team environment.

• Bachelor's or master's degree in computer science, information technology, cybersecurity or a related discipline is required for this role.
• At least one recognised professional certification such as Security+, ECIH, GCIH, CySA+, CSA, CFR, CISM or CISSP is mandatory; additional certifications are highly desirable.
• A minimum of five years' proven experience working within a security operations role or similar capacity is essential for success in this position.
• Demonstrated expertise in incident response management including escalation procedures and remediation strategies is expected.
• Hands-on experience with key security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software suites and especially SIEM platforms is crucial.
• Comprehensive understanding of cybersecurity principles including best practices for threat detection monitoring vulnerability assessment risk mitigation compliance requirements etc.
• Proficiency in conducting forensic analysis malware investigations root cause assessments post-incident reviews is highly valued.
• Strong analytical skills combined with excellent problem-solving abilities enable you to respond effectively under pressure during complex incidents.
• Outstanding communication skills facilitate collaboration with internal teams stakeholders external partners ensuring alignment on security objectives policies procedures etc.
• Experience mentoring junior analysts or providing guidance within a SOC environment would be considered an advantage though not strictly required.

What Sets This Company Apart
This organisation stands out for its unwavering commitment to building a secure digital future through teamwork knowledge sharing and continuous learning. Employees benefit from flexible working arrangements designed to promote work-life balance alongside generous training opportunities that encourage ongoing professional development. The company fosters an inclusive culture where every voice is heard contributions are valued equally regardless of background or level of experience. With access to cutting-edge technologies supportive leadership structures and a dependable network of peers you can expect both personal satisfaction and career advancement as part of this respected institution's cybersecurity function. Their dedication extends beyond technical excellence—they prioritise empathy collaboration kindness loyalty among team members creating an environment where everyone feels empowered supported motivated by shared goals. If you seek more than just another job but rather a place where your expertise makes a tangible difference while being surrounded by considerate colleagues this is the ideal setting for your next chapter.

What's Next
If you are ready to take on an impactful role where your skills truly matter we invite you to explore this exciting opportunity further

Apply today by clicking on the link provided—your journey towards making a real difference in cybersecurity starts here.

Due to the high volume of applications we are experiencing, our team will only be in touch with you if your application is shortlisted.