17 Security Monitoring jobs in the Philippines

**Qualifications**:

- Graduate of bachelor’s degree in Computer Science or in relevant field
- Has 2 years’ experience in Cyber Incident Response or Cyber Security
- Beginner, learning stage experience, exposure and doing the computer forensics, investigations of computer
- Strong hardware, software, OS experience
- Thinks out of the box and goes beyond the guidelines/playbook to resolve an issue or escalation
- Good to have experience in the following:

- Reverse malware, advanced security operations, advanced tech support
- Digital forensic investigator
- 3 years vulnerability assessment and penetration testing
- Willing to work in Mandaluyong

Triage and assess reported security events to determine if an information security incident has occurred, appropriate crisis, escalation level and key communication required.

Execute documented processes within all activities of the CIRT playbook and security incident response lifecycle.
Collect, preserve and process volatile information and evidences needed to conduct highly-confidential forensic investigations. Investigation of digital evidences

**Job Types**: Full-time, Permanent

**Benefits**:

- Company Christmas gift
- Company events
- Health insurance
- Life insurance
- Opportunities for promotion

Schedule:

- 8 hour shift

Supplemental pay types:

- 13th month salary
- Bonus pay

**Education**:

- Bachelor's (preferred)

**Experience**:

- Cyber Incident Response or Cyber Security: 2 years (required)
- vulnerability assessment and penetration testing: 3 years (preferred)
- o Digital forensic investigator: 1 year (preferred)

Description:
We believe technology should help you achieve more. And we help businesses do exactly that almost daily — co-creating innovative connected products, rapidly and securely deploying apps in the cloud, managing employee-owned devices on a global scale, and deflecting sophisticated hacker attacks. In support of our world leading position in Cyber Security, we have recently launched a new service, the Computer Security Incident Response Team ( CSIRT ) br>
Our newly offered service will include a designated CSIRT Consultant full time or as a shared resource, who will work as a contact and communications point between our security services team and customers’ security and IT staff as well as users and other important partners. You will also be responsible for operating the incident management process in accordance with the procedures designed in cooperation with customers. < r>
On a day to day basis, you will assist with, identify and respond to incidents as well as proactively propose improvements for how to reduce risk and potential future incidents.

Receiving and monitoring incident information from our managed security services and other sources.

Reviewing the collected incident data and confirming or rejecting incidents based on the analysis.

Classifying and prioritizing incidents based on established criteria.

Facilitating communication between stakeholders of the incident status.

Coordinating the containment effort based on the available information and established processes.

Performing vulnerability management using the Qualys tool.

Making containment decisions and facilitating decision making by other parties using established escalation processes.

Communicating with affected users and partners to organize the containment effort.

Verifying the effectiveness of containment actions taken.

Identifying the attack vector used by incident and taking actions to confirm that similar incidents are prevented in the future.

Validating the effectiveness of the eradication actions.

Coordinating forensics and law enforcement activities with officials as necessary.

Analyzing the incident response effort, with feedback from the customer and third parties.

Conducting proactive management of the Monitoring and Analytics solution.

You'll need to have:

Bachelor's degree or 3 or more years of work experience.

3 or more years of relevant work experience in Security

Knowledge of Network and Web Application vulnerability assessments.

Even better if you have one or more of the following:

2 or more years of work experience in Security incident detection or Security incident management.

Demonstrated strong communication skills and the capability to engage with customers at both technical and executive levels.

Strong problem-solving and security analytics skills and the ability to identify gaps in processes and recommend improvements for mitigation.

Four or more years of experience in security operations, risk management, operational management, and/or consultant management.

CSIRT experience.

Experience structuring and operating an efficient Incident Response process.

Knowledge of common types of malware, their infection vectors, how to identify them using network and host based tools, and how to eradicate them and verify the success of eradication efforts.

Knowledge of current security threats and vulnerabilities and how to detect and mitigate them, and the ability to understand their possible consequences on the customer’s environment. < r>
Understanding of modern technologies used to detect malware and vulnerabilities and protect assets.

SIEM (SPLUNK) and log analytics skills.

SANS or other Security certifications, such as GCIA, GCIH, GREM, GPEN, CEH.

CISSP certification and/or CISM certification.

ITIL Foundations training/certification.

Knowledge of ISO 27001 requirements.

Security Operations Analyst

**Responsibilities**:
Use SIEM technologies and other native tools to perform the monitoring of security events on a 24x7 basis.

Use the SIEM to monitor the network and perform analysis, while integrating the results and information needed to proactively protect the enterprise. This includes developing customized signatures, enterprise content filtering, or firewall ACL change recommendations.

Provide security events analysis and support to include identifying potential threat, anomalies, and infections, documenting findings, providing recommendations within the incident management system, performing triage of incoming security events, performing preliminary and secondary analysis of those events, and validating the events

Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels (AQLs) specified in the PRS. This root-cause analysis will include documenting recommendations for corrective action.
Minimum of 2 years of experience in Cyber Security.

Bachelor of Science (Masters preferred) in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area.

Working level knowledge of policies, procedures, and protocols of a government Security Operations Center.

**Preferred Certifications**: Comptia Security+ Certified Ethical Hacker (CEH)

Strong analytical and planning skills;
Good communication and presentation skills;
Excellent problem-solving skills;

_**Qualifications**_
- Bachelor’s degree in Information Technology, Computer Science or any related course
- With a minimum of 1 year related experience
- With Information Security-related trainings, preferably on Data Privacy Act of 2012 (RA 10173)
- Strong analytical, composition, and prioritizing skills
- Detail-oriented and with good organization and coordination skills
- Ability to maintain confidentiality
- Good written and oral communication skills
- **Duties and Responsibilities**_
- Implements security policy/measures and recommends improvements, as necessary
- Coordinates with all departments to ensure conformity to the PSMBFI Data Privacy Manual
- Aids in the conduct of routine review and inspection of security system infrastructure
- Coordinates with the IT department for the analysis of suspected information security breaches, and escalates such to the Head, Information Security Office, as necessary
- Provides administrative assistance in the conduct of periodic data privacy and information security awareness programs such as orientation and information campaigns to employees of the Company
- Assists in the preparation of various communications memoranda and departmental reports
- Receives and records incoming and outgoing communications of the department
- Maintains neat and orderly files of the department and ensures completeness, proper documentation and confidentiality
- Manages office and computer supplies as well as office equipment to ensure availability of resources for use by the department
- Performs tasks as provided for in the updated and approved PSMBFI Operations Manual
- Performs other related functions as directed by superior

**Job Types**: Full-time, Permanent

**Salary**: Php17,000.00 - Php20,000.00 per month

Schedule:

- 8 hour shift
- Monday to Friday

Supplemental Pay:

- 13th month salary
- Overtime pay

MedSpecialized, Inc. is looking for a **Security Analyst**!

**General Description**:We are building a Security Operations Center (SOC). Are you good at identifying & responding to security incidents, driving engineering efforts to minimize risk, and skilled at threat hunting? If yes, then come and join us!

As an SOC Analyst, you will work as part of our Security Operations Center to be the first line of defense. You will use various defense tools to conduct analysis, identify security incidents and violations, help strengthen security controls and work with cross-functional teams with a customer-oriented approach to ensure that a secure workspace is provided to the workforce.

**Work Schedule and Arrangement**: Night shift, Office-based

**Office Location**: 8th floor Skyrise 4B Building, IT Park, Lahug, Cebu City, Cebu

**Responsibilities**:

- Engineer, implement and monitor security measures for the protection of computer systems, networks and information
- Identify and define system security requirements
- Identify and fix detected vulnerabilities to maintain a high-security standard
- Investigate security breaches and other cybersecurity incidents
- Prepare and document standard operating procedures and protocols
- Stay up-to-date on information technology trends and security standards

**Requirements**:

- 1 to 1.5 years relevant work experience
- 10 and 12th - 70 % to 80%
- Current SIEM experience/certifications would be a distinct advantage
- Knowledge of current security trends
- Basic knowledge of Windows server and Unix/Linux operating systems
- Strong experience in SIEM platform implementations
- Should have technical problem-solving skills in terms of logging, integration approach and project handling
- Should have hands-on incorporating logs or events or flows from cloud into SIEM tools
- Superior written and verbal communication skills, with a keen creative eye for details
- Good working knowledge in MS-Office
- Stable internet connection and a conducive work environment at home
- Physically fit to work in a BPO setting
- Willing to work in our Cebu IT Park office at least once a week
- Willing to work during holidays and weekends

**Salary and monetary benefits (in PHP)**:

- Monthly salary of 30,000 or more
- New hire bonus of 5,000

**Perks and other benefits**:

- Paid Training Period
- All national Philippines and USA holidays are observed
- Paid time off—public holidays, vacation, and personal time off
- Robust and effective Government Benefits Administration
- Lactation breaks (for breastfeeding moms)
- Discounted optical services with our partner clinic
- Free lunch/dinner and unlimited coffee and ice cream daily (for on site employees)
- Free Health insurance with one (1) free dependent
- Free Life insurance
- Free Accident insurance
- Relocation allowance for new hires (from Outside Cebu)
- Company-sponsored outings
- Interest-based employee clubs (DOTA, Basketball, Dance, Music, Photography, Yoga)
- International travel opportunities (India and US office)

**Our Recruitment Process**:
2. General Assessment
3. Initial Interview (Virtual)
4. Final Interview (Virtual)
5. Job Offer
6. Training

**Disclaimer for salary ranges**:Salary ranges may not be applicable to all. Depending on the level of experience, educational background and potential for growth seen during interviews, offers may go higher or lower.

**PRO TIP**:prepare for that interview and impress the hiring managers!

**Salary**: Php25,000.00 - Php40,000.00 per month

**Benefits**:

- Company events
- Health insurance
- Life insurance
- Opportunities for promotion
- Paid training
- Staff meals provided

Schedule:

- 8 hour shift

Supplemental pay types:

- 13th month salary
- Overtime pay

**Experience**:

- SIEM: 1 year (required)

Shift availability:

- Night Shift (required)

Risk Assessment

Facilitate annual NIST Cyber Security Framework security assessment with third-party
Conduct risk assessment on various products and services within the organisation and provide recommendations on mitigations.
Respond to customers third party risk assessment and comply with the TPRM specially for APRA regulated customers.
Review security procedures, policies in compliance with NIST CSF or ISO 27001 security frameworks, and that they are up to date, maintained and complied with.
Conduct assessment and respond to vulnerabilities when they surface, the likelihood, impact, and risk to the organisation.
Monitoring & Alerting

Work as a member of the Cyber Security Squad ensuring the security risks is managed appropriately, whilst conducting real-time monitoring, assessing, and triaging alerts.
Contribute to the development of response procedures and promote compliance to policies and standards relating to Cyber Security and reporting
Identify current and emerging technology issues including security trends, vulnerabilities, and threats.
Analysis, Recommendations & Reporting

Provide updates, task status and reporting on a regular basis on security related activities.
Support the effectiveness of the organisations ISMS, recommend, and provide solutions, updates and maintain its status as ISO 27001 certified.

You will be working alongside the talented, diverse team in multiple offices in Manila, UK, and Australia. You will also act to ensure that Sandstone Technology's critical assets are protected from threats both known and unknown.

**Security Architect**

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We value the diverse backgrounds and perspectives that enable us to think globally. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

Kroll is the premier global valuation and corporate finance advisor with expertise in complex valuation, disputes and investigations, M&A, restructuring, and compliance and regulatory consulting. Our professionals balance analytical skills, deep market insight and independence to help our clients make sound decisions. As an organization, we think globally—and encourage our people to do the same.

**Responsibilities**:

- Develop and maintain security policies and procedures
- Review existing and new technology architecture for data privacy and protection compliance
- Review existing and new technology to ensure it adheres to corporate information security standards
- Work with information security engineering to ensure all security tools are deployed
- Conduct routine security meetings
- Educate and promote secure software development lifecycle
- Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
- Travel as needed in support of the Information Security program.

**Requirements**:

- CISSP certification preferred but not required
- Minimum 5-7 years of experience in Information Security related positions
- Minimum 3-5 years of experience in security architecture
- Bachelor's degree in a related field from an accredited college or university
- Good English written and verbal communication skills
- Strong research skills
- Strong project management skills
- Ability to plan and complete tasks with mínimal oversight
- Ability to multi-task and prioritize tasks across a range of projects, adjusting to shifting priorities
- Excellent time management and organization skills
- Strong personal integrity
- Demonstrate commitment to obtaining outstanding results

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.

LI-MF2
efin
LI-Hybrid

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

About the role: As a Cyber Security Analyst – Tier 1 in the Security Operations Center (SOC), you will be the first responder for business-impacting cyber security incidents that arise in our customers' environments. Fast, effective, and courteous service is the lifeblood of our organization, and this position requires nothing less. Your technical acumen will be challenged daily. Quick thinkers who can make decisions on their feet will be successful in this job.
br>What You’ll Do: < r>- Monitor cyber security tools to identify, triage, and report security incidents to customers.
- Leverage available cyber security capabilities to contain security incidents to prevent the lateral spread of malware or lateral movement of attackers.
- Conduct cyber security investigations to identify and rule out false positive security incidents.
- Provide additional cyber security investigatory support to customers as needed.
- Work with a team of like-minded professionals to monitor customer ticket queues and triage tickets that need immediate attention. We service customers as small as 10 users, up to multi-national enterprises.
- Follow pre-defined playbooks and runbooks and collaborate with other technical resources, where appropriate.
- Monitor and process event tickets on a prioritized basis as to the customer impact and urgency of these events.
- Remain cognizant of customer service-level agreements, and strive to meet or exceed them on a regular basis.
- Participate in Incident Management by providing situational reports (sitreps) via ticket updates and/or customer-facing communications.
- Provide first level technical resolution for cyber security incidents.
- Collaborate with our Network Operations Center (NOC) as needed, to document incidents, maintenance, and problems.
- Utilize various systems management tools to monitor availability, reliability, and performance of customer environments.
- Demonstrate problem solving skills that contribute towards the resolution of any issues that arise.
- Quickly assess an issue and form an understanding of the likely root cause in unfamiliar technical environments and technologies.
- Investigate, resolve, and/or escalate matters of significance pertaining to customer alerts and events.
- Document solutions, processes, procedures and present them in writing, verbally on the phone or in-person.
- Commit to professional growth and development by maintaining and/or obtaining new industry specific certifications.

What Skills & Experience You’ll Need: < r>- Experience with monitoring and using a SIEM
Azure Sentinel preferred (Splunk, Elastic, QRadar are nice to have)
- Experience supporting and administering the following is highly desired:
> Crowdstrike (or a similar nextgen endpoint solution)
> Azure or AWS cloud environments, including compute, storage, networking basics, and backups.
> Microsoft O365
> Windows Server OS: Windows 2012 through Windows 2019, including ADDS, DNS, DHCP, DFS, file/print services, PowerShell basics.
- Networking Basics (CompTIA Network+ equivalent).
- At least one of the following industry certifications highly desired: Security+, Network+, CEH, GCIH.
- A curious disposition.
- Strong documentation, reporting, analytical and problem-solving skills.
- The ability to effectively engage in customer-facing communications.

Preferred Qualifications:
- Experience with any of the following tools: Kaseya VSA, Auvik.
- Experience working in IT enterprises that use industry frameworks such as ITIL, COBIT, or MOF.