198 Security Expert jobs in the Philippines

Job Responsibilities

• Proposes improvement projects and evaluates and reports on costs based on local business needs.

• Acts as a senior manager or first-level supervisor during the manager's absence, providing leadership and being the escalation point of contact for the department.

• Ensure that processes are properly deployed and used within the teams of network or IT system administrators.

• Contributes to the infrastructure strategy.

• Coaches and manages a team of network or IT system administrators

• Managerial responsibilities: no management or less than 3 people. (manage operator profiles)

Qualifications

• Graduate of any IT course
• With at least 5 to 10 years relevant work experience as IT Systems Administrator or Network Security
• With experience in Cisco ASA
• Must have experience in Vmware, Aruba, Windows server and Linux (UBUNTU)
• Must have experience coaches and manages a team of network or IT systems administrators
• Amenable to work onsite in Makati
• Can join ASAP

We are looking for a seasoned Application Security Expert to strengthen the funds and blockchain security of our global crypto exchange. This role focuses on securing exchange systems, wallets, big data platforms, and market-making infrastructure, while also leading smart contract auditing and blockchain threat governance.

• · Lead application security governance for core systems (trading, wallet, big data risk analysis, market-making).
• · Web service log and API analysis, preferabally with AI.
• · Build monitoring and defense mechanisms for funds security; define baselines, compliance strategies, and incident response plans.
• · Identify and mitigate risks across the transaction lifecycle; apply big data/ML.
• · Audit and automate detection of smart contract vulnerabilities.
• · Research blockchain attack vectors, develop detection rules, and deploy on-chain monitoring tools.

Requirements

• · Bachelor's degree or above in Computer Science, Information Security, Cryptography, or related field.
• · 5+ years of experience in application security, blockchain security, or financial risk control; exchange/fintech background preferred.
• · Strong knowledge of exchange funds flow logic and application security frameworks.
• · Hands-on experience with smart contract auditing tools (e.g., Slither, Mythril, Echidna, Foundry).
• · Skilled in big data analysis & risk modeling (Spark, Elasticsearch, Graph DB, ML-based anomaly detection).
• · Strong offensive/defensive security mindset, cross-team collaboration skills, and ability to drive governance into practice.
• · Proficient in English; able to follow cutting-edge blockchain security research.

The Position
You will be part of our Security Automation team that eliminates toil, accelerates incident response, and measurably reduces risk. You will be the hands-on expert designing, building, and operating automations across Microsoft Sentinel SOAR (playbooks/Logic Apps) and ServiceNow (Flow Designer, Orchestration, IntegrationHub). You'll also collaborate on BI/ETL automations (BIDS/SSIS or modern equivalents) to keep dashboards trustworthy and real-time.

Duties and Responsibilities:

• Design & build SOAR playbooks in Microsoft Sentinel to automate enrichment, triage, notifications, containment, and post-incident tasks (e.g., block indicators, disable accounts, isolate endpoints)
• Automate ServiceNow workflows across ITSM/IR (Security Incident, Incident, Problem, Change), including case creation, field population, approvals, tasking, escalations, and bi-directional sync with SOC tools
• Integrate ecosystems: EDR/XDR, firewalls, TI feeds, cloud platforms, identity stores (Entra ID), messaging (Teams/Slack), and evidence stores
• Own reliability: implement robust error handling, retries/idempotency, health checks, observability (logs/metrics), and secrets management (e.g., Key Vault)
• BI/ETL automation (BIDS/SSIS or equivalent): partner with SecOps and Data/BI to automate data pipelines for security KPIs and dashboards (e.g., incidents, SLA/OLA, MTTR)
• Improve detection-to-response flow: enrich alerts, reduce false positives, and streamline handoffs between SIEM, SOAR, and ServiceNow
• Governance & SDLC: version control (Git), code reviews, CI/CD, change control, documentation and runbooks
• Enable the SOC: create reusable automation building blocks, write playbook docs, and train analysts to safely run automations

Requirements:

• Bachelor's degree in computer science/engineering or equivalent hands-on experience
• Minimum 3 years working with ServiceNow and SOAR (Microsoft Sentinel preferred)
• 4+ years working with SOAR (preferably Microsoft Sentinel/Logic Apps) and/or 4+ years hands-on experience with ServiceNow automtions
• Strong ServiceNow skills: Flow Designer, IntegrationHub/Spokes, Orchestration/MID Server, REST/SOAP integrations; solid grasp of ITSM/IR data models and CMDB relationships
• Strong SOAR engineering: event parsing, enrichment patterns, containment actions, webhooks, OAuth/service principals, and API integrations
• Proficiency in scripting/automation: Python and/or PowerShell; comfortable with JSON, REST, and event-driven patterns
• Git-based SDLC and basic CI/CD familiarity; writing clean, tested, maintainable code
• Clear, concise communication with engineers, analysts, and stakeholders

Nice to have:

• KQL (Microsoft Sentinel analytics, hunting, watchlists, data connectors)
• Microsoft cloud automation: Azure Logic Apps, Functions, Automation Accounts, Key Vault, Managed Identities, RBAC
• Experience with BIDS/SSIS/SSDT or Azure Data Factory for BI/ETL; building data feeds that power Power BI or similar dashboards
• Knowledge of EDR/XDR (Microsoft Defender), TIPs, and common IR tools
• Experience with IntegrationHub spokes (e.g., Microsoft, Slack/Teams, Jira) or building custom spokes
• Familiarity with Infrastructure-as-Code (ARM/Bicep/Terraform), Zero Trust patterns
• Practical security ops mindset: incident lifecycle, SOC workflows, MITRE ATT&CK concepts, and measurable improvements to MTTR
• English – High-level proficiency (written and spoken)

• Desired certifications, courses and training :

• SC-100: Microsoft Cybersecurity Architect

• AZ-500: Azure Security Engineer
• AZ-400: DevOps Engineer Expert
• DP-203: Data Engineer (ETL/ADF/Synapse)
• CSA (Certified System Administrator) or CAD (Certified Application Developer)

Our Company

Why Boehringer Ingelheim?
With us, you can develop your own path in a company with a culture that knows our differences are our strengths - and break new ground in the drive to make millions of lives better.

Here, your development is our priority. Supporting you to build a career as part of a workplace that is independent, authentic and bold, while tackling challenging work in a respectful and friendly environment where everyone is valued and welcomed.

Alongside, you have access to programs and groups that ensure your health and wellbeing are looked after - as we make major investments to drive global accessibility to healthcare. By being part of a team that is constantly innovating, you'll be helping to transform lives for generations.

Want to learn more? Visit

You will be part of our Security Automation team that eliminates toil, accelerates incident response, and measurably reduces risk. You will be the hands-on expert designing, building, and operating automations across Microsoft Sentinel SOAR (playbooks/Logic Apps) and ServiceNow (Flow Designer, Orchestration, Integration Hub). You'll also collaborate on BI/ETL automations (BIDS/SSIS or modern equivalents) to keep dashboards trustworthy and real-time.

• Design & build SOAR playbooks in Microsoft Sentinel to automate enrichment, triage, notifications, containment, and post-incident tasks (e.g., block indicators, disable accounts, isolate endpoints).
• Automate ServiceNow workflows across ITSM/IR (Security Incident, Incident, Problem, Change), including case creation, field population, approvals, tasking, escalations, and bi-directional sync with SOC tools.
• Integrate ecosystems: EDR/XDR, firewalls, TI feeds, cloud platforms, identity stores (Entra ID), messaging (Teams/Slack), and evidence stores.
• Own reliability: implement robust error handling, retries/idempotency, health checks, observability (logs/metrics), and secrets management (e.g., Key Vault).
• BI/ETL automation (BIDS/SSIS or equivalent): partner with SecOps and Data/BI to automate data pipelines for security KPIs and dashboards (e.g., incidents, SLA/OLA, MTTR).
• Improve detection-to-response flow: enrich alerts, reduce false positives, and streamline handoffs between SIEM, SOAR, and ServiceNow.
• Governance & SDLC: version control (Git), code reviews, CI/CD, change control, documentation and runbooks.
• Enable the SOC: create reusable automation building blocks, write playbook docs, and train analysts to safely run automations.

• Bachelor's degree in computer science/engineering or equivalent hands-on experience.
• Minimum 3 years working with ServiceNow and SOAR (Microsoft Sentinel preferred).
• 4+ years working with SOAR (preferably Microsoft Sentinel/Logic Apps) and/or 4+ years hands-on experience with ServiceNow automtions.
• Strong ServiceNow skills: Flow Designer, IntegrationHub/Spokes, Orchestration/MID Server, REST/SOAP integrations; solid grasp of ITSM/IR data models and CMDB relationships.
• Strong SOAR engineering: event parsing, enrichment patterns, containment actions, webhooks, OAuth/service principals, and API integrations.
• Proficiency in scripting/automation: Python and/or PowerShell; comfortable with JSON, REST, and event-driven patterns.
• Git-based SDLC and basic CI/CD familiarity; writing clean, tested, maintainable code.
• Clear, concise communication with engineers, analysts, and stakeholders.

Nice to have:

• KQL (Microsoft Sentinel analytics, hunting, watchlists, data connectors).
• Microsoft cloud automation: Azure Logic Apps, Functions, Automation Accounts, Key Vault, Managed Identities, RBAC.
• Experience with BIDS/SSIS/SSDT or Azure Data Factory for BI/ETL; building data feeds that power Power BI or similar dashboards.
• Knowledge of EDR/XDR (Microsoft Defender), TIPs, and common IR tools.
• Experience with Integration Hub spokes (e.g., Microsoft, Slack/Teams, Jira) or building custom spokes.
• Familiarity with Infrastructure-as-Code (ARM/Bicep/Terraform), Zero Trust patterns.
• Practical security ops mindset: incident lifecycle, SOC workflows, MITRE ATT&CK concepts, and measurable improvements to MTTR.
• English – High-level proficiency (written and spoken)

• Desired certifications, courses and training :

• SC-100: Microsoft Cybersecurity Architect.

• AZ-500: Azure Security Engineer.
• AZ-400: DevOps Engineer Expert.
• DP-203: Data Engineer (ETL/ADF/Synapse)
• CSA (Certified System Administrator) or CAD (Certified Application Developer)

About Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can't and respond quicker than others can to protect against the devastating impacts of cyberattacks. We're a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at

.

The Security Consultant role offers an exciting opportunity to work within the world renowned and truly global SpiderLabs team. The team currently has security consultants throughout North America, Latin and Central America, Europe, Africa, Australia, and Asia. The role will be working from home one with some onsite requirements. A training and certification program is also in place for candidates and more information will be shared during the interview process.

Specific Responsibilities:

• Conducting penetration tests against a variety of network and application targets.
• Performing cloud configuration and build reviews, wireless testing and other bespoke assessments.
• Developing tools and processes to automate and simplify penetration testing.
• Being part of a global team of penetration testers, sharing knowledge and methodologies.
• The opportunity for more specialized engagements such as red teaming, OSINT, mobile application, and SCADA testing depending on skills and experience.

Candidates should be well versed in all aspects of penetration testing, with an emphasis on web applications, internal networks, and external networks. Code review and mobile application skills would be desirable but are not necessary. Consultants must be able to effectively balance workload and work effectively and closely with colleagues within the ever growing team of over 100 SpiderLabs team members world wide.

Qualifications:

• Defined professional experience performing security testing of application and network targets; preferably some of that experience will be in a consulting environment.
• Knowledge of security in both Linux and Windows environments as it pertains to web application, middleware, database, and identify management platforms.
• Knowledge of TCP/IP networking.
• Knowledge of modern web application technologies and architectures.
• Certifications such as OSCP, OSCE, CREST CRT and CREST CCT are desirable.
• Demonstrated experience with mobile application security testing an advantage.

Education:

• A high school diploma or equivalent is required; a college or university degree is a plus.

This is a remote opportunity open to anyone legally authorized to work in the Philippines. Guided by our flexible workplace philosophy,
Moments That Matter
, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.

Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

The
Security Consultant role at NCC Group is focused on
offensive security
, identifying and demonstrating vulnerabilities in client systems before they can be exploited by malicious actors. By providing an attacker's perspective, the consultant helps clients proactively strengthen their defenses. This role involves delivering high-quality penetration testing engagements, simulating real-world attack scenarios, and advising on mitigation strategies. Based in Manila, the consultant also contributes to the growth of our global delivery capabilities through collaboration, knowledge sharing, and technical excellence.

At NCC Group, you'll have access to structured development opportunities, global mentorship, and support for professional certifications. You'll work on diverse, high-impact engagements that sharpen your skills and accelerate your career in offensive security.

As a Security Consultant, you will play a key role in delivering high-quality technical security assessments for prominent clients worldwide. Your responsibilities will include:

• Executing technical tasks
  across a variety of penetration testing and security assessment engagements.
• Delivering high-quality technical solutions and actionable risk mitigation advice
  , tailored to client environments and aligned with global best practices.
• Identifying, documenting, and assisting in the resolution of security vulnerabilities and incidents.
• Collaborating with global stakeholders and project teams
  to ensure alignment, engagement success, and client satisfaction.
• Managing client interactions professionally
  , supporting relationship development through clear communication and trust-building.
• Operating as both an individual contributor and a collaborative team member
  , adapting to the nature and scope of each engagement.
• Contributing to team knowledge-sharing and capability-building initiatives
  where relevant, with opportunities to support junior team members.

Required Skills

• Strong communication and soft skills
  with the ability to clearly convey technical findings to both technical and non-technical stakeholders in a global set up
• Excellent English language proficiency
  – listening, spoken, and written – suitable for global client interaction
• Experience working with international teams and stakeholders
  , particularly in a consultancy or delivery center context
• Hands-on experience with:
• Web Application and Web Services Security Assessments
• External Infrastructure Security Assessments
• Basic Linux command-line usage and system familiarity

Preferred / Nice to Have

• Familiarity with
  regulatory and compliance standards
  such as PCI DSS, HIPAA, etc.
• Experience in
  programming or scripting
• Code review
  skills for identifying vulnerabilities in application source code
• Exposure to
  internal infrastructure security testing
• Ability to conduct
  active
  firewall testing and configuration reviews
• Understanding of
  mobile application security
  (iOS/Android)
• Experience with
  cloud platform security
• Industry certifications such as
  OSCP, BSCP, CRT, CPSA

Why NCC Group?

At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.

Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.

About your application

We review every application received and will get in touch if your skills and experience match what we're looking for. If you don't hear back from us within 10 days, please don't be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.

About Trustwave

Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can't and respond quicker than others can to protect against the devastating impacts of cyberattacks. We're a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at

The Security Consultant role offers an exciting opportunity to work within the world renowned and truly global SpiderLabs team. The team currently has security consultants throughout North America, Latin and Central America, Europe, Africa, Australia, and Asia. The role will be working from home one with some onsite requirements. A training and certification program is also in place for candidates and more information will be shared during the interview process.

Specific Responsibilities:

• Conducting penetration tests against a variety of network and application targets.
• Performing cloud configuration and build reviews, wireless testing and other bespoke assessments.
• Developing tools and processes to automate and simplify penetration testing.
• Being part of a global team of penetration testers, sharing knowledge and methodologies.
• The opportunity for more specialized engagements such as red teaming, OSINT, mobile application, and SCADA testing depending on skills and experience.

Candidates should be well versed in all aspects of penetration testing, with an emphasis on web applications, internal networks, and external networks. Code review and mobile application skills would be desirable but are not necessary. Consultants must be able to effectively balance workload and work effectively and closely with colleagues within the ever growing team of over 100 SpiderLabs team members world wide.

Qualifications:

• Defined professional experience performing security testing of application and network targets; preferably some of that experience will be in a consulting environment.
• Knowledge of security in both Linux and Windows environments as it pertains to web application, middleware, database, and identify management platforms.
• Knowledge of TCP/IP networking.
• Knowledge of modern web application technologies and architectures.
• Certifications such as OSCP, OSCE, CREST CRT and CREST CCT are desirable.
• Demonstrated experience with mobile application security testing an advantage.

Education:

• A high school diploma or equivalent is required; a college or university degree is a plus.

This is a remote opportunity open to anyone legally authorized to work in the Philippines. Guided by our flexible workplace philosophy, Moments That Matter, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.

Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

About Trustwave
Trustwave is a leading cybersecurity and managed security services provider focused on threat detection and response. We uncover threats that others can't and respond quicker than others can to protect against the devastating impacts of cyberattacks. We're a world-class team of cyber consultants, threat hunters and researchers serving clients in 96 countries. At Trustwave, you can learn alongside the best, make a personal impact on a global scale, and solve new challenges every day. Learn more about us at

.

The Security Consultant role offers an exciting opportunity to work within the world renowned and truly global SpiderLabs team. The team currently has security consultants throughout North America, Latin and Central America, Europe, Africa, Australia, and Asia. The role will be working from home one with some onsite requirements. A training and certification program is also in place for candidates and more information will be shared during the interview process.

Specific Responsibilities

• Conducting penetration tests against a variety of network and application targets.
• Performing cloud configuration and build reviews, wireless testing and other bespoke assessments.
• Developing tools and processes to automate and simplify penetration testing.
• Being part of a global team of penetration testers, sharing knowledge and methodologies.
• The opportunity for more specialized engagements such as red teaming, OSINT, mobile application, and SCADA testing depending on skills and experience.

Candidates should be well versed in all aspects of penetration testing, with an emphasis on web applications, internal networks, and external networks. Code review and mobile application skills would be desirable but are not necessary. Consultants must be able to effectively balance workload and work effectively and closely with colleagues within the ever growing team of over 100 SpiderLabs team members world wide.

Qualifications

• Defined professional experience performing security testing of application and network targets; preferably some of that experience will be in a consulting environment.
• Knowledge of security in both Linux and Windows environments as it pertains to web application, middleware, database, and identify management platforms.
• Knowledge of TCP/IP networking.
• Knowledge of modern web application technologies and architectures.
• Certifications such as OSCP, OSCE, CREST CRT and CREST CCT are desirable.
• Demonstrated experience with mobile application security testing an advantage.

Education

• A high school diploma or equivalent is required; a college or university degree is a plus.

This is a remote opportunity open to anyone legally authorized to work in the Philippines. Guided by our flexible workplace philosophy,
Moments That Matter
, people gather in the office when in-person interaction is most impactful; full-time remote employees may be asked to travel occasionally based on the needs of the team and the business.

Trustwave is an Equal Opportunity Employer. We're committed to treating everyone with respect, one of our core TRUST Values, and strive to create a culture that empowers all Trustees to be their best, most authentic selves. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other federally protected class.

To All Agencies
Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.