252 Security Operations Center Soc Analyst jobs in the Philippines

Security Operations Center and Incident Response Manager

Makati City, National Capital Region ₱90000 - ₱120000 Y PwC Singapore

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Line of Service
Assurance

Industry/Sector
Not Applicable

Specialism
Cybersecurity & Privacy

Management Level
Manager

Job Description & Summary
A career in our Risk and Compliance Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. You'll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

Our team helps organisations transform their governance, risk, and compliance activities into a tool that is able to anticipate and mitigate risk to drive business performance. In joining, you'll develop risk management solutions, compliance and ethics controls, business continuity planning, internal audit procedures, and a compliance framework.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Develop new skills outside of comfort zone.
  • Act to resolve issues which prevent the team working effectively.
  • Coach others, recognise their strengths, and encourage them to take ownership of their personal development.
  • Analyse complex ideas or proposals and build a range of meaningful recommendations.
  • Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
  • Address sub-standard work or work that does not meet firm's/client's expectations.
  • Use data and insights to inform conclusions and support decision-making.
  • Develop a point of view on key global trends, and how they impact clients.
  • Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
  • Simplify complex messages, highlighting and summarising key points.
  • Uphold the firm's code of ethics and business conduct.

*Roles & Responsibilities *

  • Lead and manage Organisation's Security Operations Center (SOC).
  • Responsible for incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
  • Responsible for compliance to SLA, process adherence and process optimization to achieve the SOC's operational objectives
  • Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
  • Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
  • Responsible for integration of standard and non-standard logs into SIEM
  • Creation of reports, dashboards, metrics for SOC operations and presentation to Executive Management and Cyber and Information security or Risk Management committees
  • Develop and maintain an incident response program/plan consistent with incident response management processes and standards.
  • Implement monitoring tools in the cloud
  • Work with other SOC analysts to create security-related rules to provide alerts on any suspicious activities
  • Conduct periodic threat simulation activities to evaluate the adequacy of deployed detective controls
  • Establish and maintain a database of detected and reported information security incidents
  • Provide support for forensic investigations related to Information security incidents and develop and share security event logging requirements with infrastructure and applications teams
  • Liaise with stakeholders for timely isolation, containment and remediation of Indicators of Compromise (IOCs) related to validated threat intelligence information

Requirements

  • A minimum of a degree in Computer Science / Engineering, Information
  • Technology, Electrical Engineering or a related field of study from a recognised Professional Certification such as CISSP, CISM, CEH or GCIH will be an added advantage
  • A Second degree is an added advantage

Minimum of Five (5) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment and over two (2) years in a managerial role.
Education
(if blank, degree and/or field of study not specified)
Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications
(if blank, certifications not specified)
Required Skills
Optional Skills
Desired Languages
(If blank, desired languages not specified)
Travel Requirements
Available for Work Visa Sponsorship?
Government Clearance Required?
Job Posting End Date

This advertiser has chosen not to accept applicants from your region.

Incident Response Analyst

Taguig, National Capital Region ₱900000 - ₱1200000 Y Baker McKenzie

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

The Incident Response Analyst will provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems in accordance with the firm's business objectives, regulatory requirements, and strategic goals.

Responsibilities

  • Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team
  • Receive, process, and resolve tickets per defined SLA's
  • Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly
  • Critically assess current practices and provide feedback to management on improvement opportunities
  • Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets
  • Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems
  • Assist with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers
  • Provide input into standards and procedures
  • Report compliance failures to management for immediate remediation
  • Maintain assigned systems to ensure availability, reliability, and integrity, including the oversight of current and projected capacity, performance, and licensing
  • Provide status reports and relevant metrics to the Security Operations Manager
  • Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors
  • Participate in special projects as needed

Skills and Experience

Education

  • Possess a Computer Science Bachelor's Degree or substantial equivalent experience

Special Requirements, Licenses, and Certifications (desirable but not required):

  • GSEC, GCIH, GCFE, GREM
  • CISSP or SSCP

Experience

  • Some professional experience in information security with a focus on incident response and forensics
  • Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody
  • Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
  • Broad understanding of TCP/IP, DNS, common network services, and other foundational topics
  • Working knowledge of malware detection, analysis, and evasion techniques
  • Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behavior, and provide recommendations for mitigating and detecting malware;
  • Able to analyze suspicious websites, script-based and malware code
  • Experience with vulnerability management tools such as Qualys, Nessus, or other vulnerability scanning discovery tools
  • Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances
  • Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks. Implement techniques to hunt for known and unknown threats based on available threat intelligence reports and knowledge of the attacker's TTPs
  • Able to gather and analyze facts, draw conclusions, define problems, and suggest solutions
  • Maintain critical thinking and composure under pressure
  • Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English
  • Capable of assisting with the preparation of internal training materials and documentation
  • Able to be productive and maintain focus without direct supervision
  • Passionate in the practice and pursuit of IR excellence
  • Can exhibit a disciplined and rigorous approach to incident handling
  • Willing to accommodate shift-based work for a global organization
  • Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise
  • Experience with digital forensics on host or network and identification of anomalous behavior on the network or endpoint devices. Familiar with host and network-based forensic tools such as EnCase, FTK, Sleuth Kit, X Ways, etc.
This advertiser has chosen not to accept applicants from your region.

Incident Response Analyst

Taguig, National Capital Region ₱900000 - ₱1200000 Y B & M Global Services Manila, Inc.

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

The Incident Response Analyst will provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems in accordance with the firm's business objectives, regulatory requirements, and strategic goals.

Responsibilities

  • Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team
  • Receive, process, and resolve tickets per defined SLA's
  • Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly
  • Critically assess current practices and provide feedback to management on improvement opportunities
  • Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets
  • Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems
  • Assist with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers
  • Provide input into standards and procedures
  • Report compliance failures to management for immediate remediation
  • Maintain assigned systems to ensure availability, reliability, and integrity, including the oversight of current and projected capacity, performance, and licensing
  • Provide status reports and relevant metrics to the Security Operations Manager
  • Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors
  • Participate in special projects as needed

Skills and Experience

Education

  • Possess a Computer Science Bachelor's Degree or substantial equivalent experience

Special Requirements, Licenses, and Certifications (desirable but not required):

  • GSEC, GCIH, GCFE, GREM
  • CISSP or SSCP

Experience

  • Some professional experience in information security with a focus on incident response and forensics
  • Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody
  • Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
  • Broad understanding of TCP/IP, DNS, common network services, and other foundational topics
  • Working knowledge of malware detection, analysis, and evasion techniques
  • Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behavior, and provide recommendations for mitigating and detecting malware;  Able to analyze suspicious websites, script-based and malware code
  • Experience with vulnerability management tools such as Qualys, Nessus, or other vulnerability scanning discovery tools
  • Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances
  • Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks.  Implement techniques to hunt for known and unknown threats based on available threat intelligence reports and knowledge of the attacker's TTPs
  • Able to gather and analyze facts, draw conclusions, define problems, and suggest solutions
  • Maintain critical thinking and composure under pressure
  • Strong written and oral communication skills.  Ability to convey complex concepts to non-technical constituents.
  • Proficiency in oral and written English
  • Capable of assisting with the preparation of internal training materials and documentation
  • Able to be productive and maintain focus without direct supervision
  • Passionate in the practice and pursuit of IR excellence
  • Can exhibit a disciplined and rigorous approach to incident handling
  • Willing to accommodate shift-based work for a global organization
  • Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise
  • Experience with digital forensics on host or network and identification of anomalous behavior on the network or endpoint devices.  Familiar with host and network-based forensic tools such as EnCase, FTK, Sleuth Kit, X Ways, etc.
This advertiser has chosen not to accept applicants from your region.

Incident Response Specialist

Taguig, National Capital Region ₱104000 - ₱130878 Y ESOL IT SERVICES INC.

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

We are looking for a skilled Incident Response Specialist to lead the investigation and resolution of high-priority and escalated security incidents. In this role, you will work closely with internal teams to improve the bank's cybersecurity defenses and ensure timely response to threats.

What You'll Do

Incident Handling & Investigation

  • Lead investigations of complex or escalated security incidents.
  • Perform deep-dive forensic analysis, including root cause and post-incident reviews.
  • Act as an escalation point for other analysts during critical security events.
  • Analyze incidents to assess impact, risk, and potential data compromise.

Threat Containment & Response

  • Lead threat containment, eradication, and recovery efforts.
  • Identify malware behavior, compromised systems, and data infiltration attempts.
  • Provide guidance to teams on remediation and recovery strategies.
  • Communicate response plans clearly to asset owners and other stakeholders.

Threat Intelligence & Analysis

  • Use threat intelligence to assess scope and impact of attacks.
  • Analyze network traffic, malware, and suspicious behaviors to support investigations.
  • Support Threat Hunting and SOC Tool teams with new detection methods.

Documentation & Playbooks

  • Document incidents thoroughly from detection to resolution.
  • Develop, update, and test incident response procedures and playbooks.
  • Participate in simulations and response drills to ensure readiness.

Collaboration & Support

  • Work with Infrastructure & Operations teams to resolve incidents.
  • Collaborate with the SOC Manager and Incident Response Lead to improve processes.
  • Review system metrics and monitoring data to identify trends and anomalies.

Tool Management & Continuous Improvement

  • Evaluate, recommend, and troubleshoot security tools and technologies.
  • Contribute to improving SOC policies, procedures, and overall maturity.
  • Stay informed about new threats, vulnerabilities, and compliance requirements.

Additional Responsibilities

  • Perform other tasks as assigned by the CTMD Head.
What We're Looking For
  • Education: Bachelor's degree in Computer Science, Cybersecurity, or a related field.
  • Experience: Proven experience in incident response, malware analysis, and threat detection.
  • Technical Skills:

  • Strong understanding of network, system, and application security.

  • Hands-on experience with SOC tools, threat intelligence platforms, and forensic tools.
  • Soft Skills:

  • Clear communication with both technical and non-technical stakeholders.

  • Strong analytical, problem-solving, and decision-making abilities.
  • Ability to perform under pressure and manage escalated incidents.
  • Knowledge: Familiarity with regulatory requirements and cybersecurity frameworks (e.g., ISO, NIST, etc.).
This advertiser has chosen not to accept applicants from your region.

Incident Response Analyst

Makati City, National Capital Region ₱900000 - ₱1200000 Y ePLDT, Inc.

Posted today

Job Viewed

Tap Again To Close

Job Description

Job Description:

Security Alert Triage

  • Continuously monitoring security alerts generated by various security tools via SecOps and messaging apps (firewalls, intrusion detection systems, etc.)
  • Analyzing alerts to determine their severity, legitimacy (potential false positives), and potential organizational impact.
  • Prioritizing alerts based on a predefined risk assessment framework.

Initial Investigation

  • Conducting basic investigations on prioritized alerts to gather additional context and evidence.
  • Utilizing security tools and threat intelligence feeds to enrich their understanding of the incident.

Incident Classification and Reporting

  • Classifying incidents based on predefined categories (e.g., phishing, malware, unauthorized access attempt).
  • Documenting the incident details, including timeline, potential impact, and initial investigation findings.
  • Reporting the incident to relevant internal stakeholders (security team leads, IT management).

Initial Containment

  • Implementing basic containment actions based on the incident type (e.g., isolating compromised systems, disabling user accounts).
  • This may involve following established playbooks or procedures for specific threats.

Job Qualifications:

Education: Bachelor's degree in computer science, Computer Engineering, Information Technology, Electronic and Communications Engineering, course with specialization in Cybersecurity, and another related course

Relevant Experience: Fundamental knowledge of Cybersecurity Concepts and Frameworks

Knowledge/Training: Service Management Framework, MITRE Framework, SIEM, SOAR, Network and Endpoint Security Tools

Certification/License: CompTIA Security+, Certified Blue Team, or any other Security Operations Related Certification is an advantage

Work Condition: Able to work onsite in Makati. The role will be part of a 24/7 shifting schedule.

This advertiser has chosen not to accept applicants from your region.

Incident Response Analyst

Taguig, National Capital Region ₱720000 - ₱1440000 Y Ben edictio

Posted today

Job Viewed

Tap Again To Close

Job Description

Hiring for Incident Response Analyst

  • Full-time

  • Location: Taguig City

  • Set-up: Hybrid (8x RTO per month)

  • Schedule: Shifting every 2 months (Day, Mid, Night)

___

JOB SUMMARY:

To provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems per the firm's business objectives, regulatory requirements, and strategic goals.

___

JOB RESPONSIBILITIES:

  • At least 4 years of relevant experience
  • 1-2 years forensic analysis

Job Types: Full-time, Permanent

Pay: Up to Php120,000.00 per month

Application Question(s):

  • Are you amenable to work on hybrid set-up in Taguig?

Experience:

  • Incident response: 4 years (Preferred)
  • Forensic analysis: 2 years (Preferred)

Work Location: In person

This advertiser has chosen not to accept applicants from your region.

Incident Response Analyst

₱1200000 - ₱2400000 Y Thrive

Posted today

Job Viewed

Tap Again To Close

Job Description

About Us
Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon "next generation" services help us stand out amongst our peers. Thrive is on the look-out for individuals who don't view their weekdays spent at "a job", but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you're attracted to a "work hard, play hard" environment, seeking the guidance, training, and experience necessary to build a lucrative career, then welcome to THRIVE

Position Overview

With a growing client base, Thrive is continuing to build out its security team. We are looking to hire an Incident Response Analyst to take a role within our Security Operation Center. The analyst will assist with continuously monitoring and improving our customers' security posture, while preventing, detecting, analyzing, and responding to cybersecurity incidents utilizing technology and well-defined processes and procedures. The ideal candidate will have a passion for information security and will value what a professionally managed Security monitoring solution can bring to our client needs.

Primary Responsibilities

  • Process investigation requests from SOC Analysts who perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases.
  • Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform in-depth analysis of exploits
  • Lead incident response and threat hunting efforts for confirmed High Priority security incidents and follow through until resolution
  • Utilize threat intelligence to identify and investigate potential security threats
  • Develop playbooks for incident response and incident management processes, including threat triage, incident investigation, and incident resolution
  • Conduct regular reviews of playbooks to ensure they are current and effective
  • Work with cross-functional teams to ensure that playbooks are aligned with the overall security strategy and goals
  • Participate in tabletop exercises and drills to test and validate playbooks
  • Monitor and evaluate security incidents to identify opportunities for improving playbooks
  • Keep up to date with current security threats and trends to ensure that playbooks are relevant and effective
  • Actively investigate the latest security vulnerabilities, advisories, incidents, and TTPs (tactics, techniques, and procedures) and work with the Security Engineering team to recommend use cases
  • Proactive monitoring, threat hunting, and response of known and/or emerging threats
  • Carry out Thrive's information security strategy both internally and externally for 400+ clients
  • Analyze data from our SOC, SIEM and EDR platforms and determine if further analysis is needed
  • Work within Thrive's security standards and best practices and recommend future enhancements
  • Stay abreast of security events and techniques to keep our clients protected

Qualifications

  • Demonstrates comprehension of best security practices
  • Has advanced knowledge of the following systems and technologies:
  • SIEM (Security Information and Event Management)
  • TCP/IP, computer networking, routing, and switching
  • IDS/IPS, penetration and vulnerability testing
  • Firewall and intrusion detection/prevention protocols
  • Windows, UNIX, and Linux operating systems
  • Network protocols and packet analysis tools
  • EDR, Anti-virus, and anti-malware
  • Content filtering
  • Email and web gateway.
  • Malware, Network, or System Analysis
  • Professional experience in an Incident Response Role
  • Ability to collaborate and communicate security issues to clients, peers, and management
  • Strong analytical and problem-solving skills
  • Adaptability and resilience in rapidly evolving situations
  • Ability to be a part of an on-call rotation, occasionally working nights, and weekends to support High Priority Security Incidents

Required Skills:

  • Technical proficiency in networking, operating systems, and security technologies
  • Familiarity with security tools like SIEM, IDS/IPS, EDR, and forensic analysis tools
  • Understanding of incident response procedures and methodologies
  • Understanding of frameworks such as MITRE ATT&CK and the Cyber Kill chain,
  • Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.)
  • Experience in responding to and investigating cloud, system, or network intrusions
  • Excellent Written and Verbal Communication Skills
  • Expertise in forensics, malware analysis, and network intrusion response

Preferred Skills

  • Knowledge of common Windows and Linux/Unix system calls and APIs
  • Knowledge of programming languages
  • Knowledge of internal file structures for file formats commonly associated with malware
  • Knowledge or experience in Detection Engineering
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Security operations center soc analyst Jobs in Philippines !

Senior Security Incident Response Analyst

₱900000 - ₱1200000 Y Five9

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Join us in bringing joy to customer experience. Five9 is a leading provider of cloud contact center software, bringing the power of cloud innovation to customers worldwide.

Living our values everyday results in our team-first culture and enables us to innovate, grow, and thrive while enjoying the journey together. We celebrate diversity and foster an inclusive environment, empowering our employees to be their authentic selves.

Job Title:
Sr. Security Incident Response Analyst

Location:
Manila

Work Schedule:
Day-Shift Manila Time (8am to 5pm)

Company Overview:
Five9 provides businesses with reliable, scalable, and secure cloud contact center software designed to create exceptional customer experiences, increase agent productivity, and deliver tangible business results.

We are driven by a passion to transform contact centers into customer engagement centers of excellence. Since 2001, Five9 has led the cloud revolution in contact centers, helping organizations transition from legacy premise-based solutions to the cloud. The Sr Security Incident Response Analyst will ensure a swift and effective response to security incidents. This role requires a deep understanding of incident management best practices and a proven ability to navigate high-pressure situations.

We are looking for an experienced Sr Security Incident Response Analyst to join our Cyber Command Center team. This role includes hands-on involvement in incident response, detection engineering, and security automation. We value a candidate who is autonomous, responsible, and motivated. The right candidate will be comfortable pointing out weak points in our operation and implementing innovative changes that continuously improve our security posture.

Responsibilities:

  • Participate in and lead incident response efforts, from triage to remediation
  • Develop and maintain detection rules, ensuring alerts are high-quality and actionable
  • Perform detection tuning based on threat intelligence, use cases, and incident learnings
  • Build and maintain SOAR playbooks to streamline and automate key workflows
  • Contribute to continuous improvement of SOC processes, tooling, and documentation

Required Qualifications:

  • 3–5 years specifically in incident response and security operations (SOC)
  • Strong analytical and problem-solving skills
  • Excellent communication and reporting abilities (especially during incident escalation)
  • Ability to work under pressure and lead incident investigations
  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field
  • Hands-on experience with modern SIEMs
  • Experience working with SOAR platforms (e.g., writing and maintaining automation playbooks)
  • Background in security investigations
  • Strong understanding of log sources, detection logic, and correlation techniques
  • Familiarity with scripting or automation (e.g., Python, Bash)

Preferred Qualifications:

  • Exposure to threat hunting and behavioral detection techniques
  • Experience with cloud environments (GCP, AWS, or Azure)
  • Familiarity with EDR solutions and host-level investigation techniques
  • Experience with hot/cold forensics techniques
  • Experience with reverse engineering
  • Background in enterprise-driven SaaS or customer experience is a plus

What We Offer:

  • A role with real impact in improving and maturing our globally distributed security operations
  • A collaborative environment that encourages autonomy, ownership, and new ideas
  • Opportunities to work on a variety of tasks across detection, response, and automation
  • Support for professional development and growth within the security field

Company Benefits

  • Company stocks
  • Annual merit increase based on performance
  • 15% night shift differential pay
  • Paid Leave with Cash Conversion
  • HMO with free dependents
  • Retirement Plan
  • Life Insurance
  • While on work from home setup: Internet and meal allowance are provided
  • Employee Assistance Program for mental and social well-being
  • Government-mandated Benefits (SSS, PhilHealth, PagIBIG, 13th month pay, Solo parent leave, Special leave for women)

Five9 embraces diversity and is committed to building a team that represents a variety of backgrounds, perspectives, and skills.  The more inclusive we are, the better we are.  Five9 is an equal opportunity employer.

View our privacy policy, including our privacy notice to California residents here:

Note: Five9 will never request that an applicant send money as a prerequisite for commencing employment with Five9.

This advertiser has chosen not to accept applicants from your region.

Senior Security Incident Response Analyst

₱1200000 - ₱2400000 Y Five9

Posted today

Job Viewed

Tap Again To Close

Job Description

Join us in bringing joy to customer experience. Five9 is a leading provider of cloud contact center software, bringing the power of cloud innovation to customers worldwide.

Living our values everyday results in our team-first culture and enables us to innovate, grow, and thrive while enjoying the journey together. We celebrate diversity and foster an inclusive environment, empowering our employees to be their authentic selves.

Job Title: Sr. Security Incident Response Analyst

Location: Manila

Work Schedule: Day-Shift Manila Time (8am to 5pm)

Company Overview: Five9 provides businesses with reliable, scalable, and secure cloud contact center software designed to create exceptional customer experiences, increase agent productivity, and deliver tangible business results.

We are driven by a passion to transform contact centers into customer engagement centers of excellence. Since 2001, Five9 has led the cloud revolution in contact centers, helping organizations transition from legacy premise-based solutions to the cloud. The Sr Security Incident Response Analyst will ensure a swift and effective response to security incidents. This role requires a deep understanding of incident management best practices and a proven ability to navigate high-pressure situations.

We are looking for an experienced Sr Security Incident Response Analyst to join our Cyber Command Center team. This role includes hands-on involvement in incident response, detection engineering, and security automation. We value a candidate who is autonomous, responsible, and motivated. The right candidate will be comfortable pointing out weak points in our operation and implementing innovative changes that continuously improve our security posture.

Responsibilities:

  • Participate in and lead incident response efforts, from triage to remediation
  • Develop and maintain detection rules, ensuring alerts are high-quality and actionable
  • Perform detection tuning based on threat intelligence, use cases, and incident learnings
  • Build and maintain SOAR playbooks to streamline and automate key workflows
  • Contribute to continuous improvement of SOC processes, tooling, and documentation

Required Qualifications:

  • 3–5 years specifically in incident response and security operations (SOC)
  • Strong analytical and problem-solving skills
  • Excellent communication and reporting abilities (especially during incident escalation)
  • Ability to work under pressure and lead incident investigations
  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field
  • Hands-on experience with modern SIEMs
  • Experience working with SOAR platforms (e.g., writing and maintaining automation playbooks)
  • Background in security investigations
  • Strong understanding of log sources, detection logic, and correlation techniques
  • Familiarity with scripting or automation (e.g., Python, Bash)

Preferred Qualifications:

  • Exposure to threat hunting and behavioral detection techniques
  • Experience with cloud environments (GCP, AWS, or Azure)
  • Familiarity with EDR solutions and host-level investigation techniques
  • Experience with hot/cold forensics techniques
  • Experience with reverse engineering
  • Background in enterprise-driven SaaS or customer experience is a plus

What We Offer:

  • A role with real impact in improving and maturing our globally distributed security operations
  • A collaborative environment that encourages autonomy, ownership, and new ideas
  • Opportunities to work on a variety of tasks across detection, response, and automation
  • Support for professional development and growth within the security field

Company Benefits

  • Company stocks
  • Annual merit increase based on performance
  • 15% night shift differential pay
  • Paid Leave with Cash Conversion
  • HMO with free dependents
  • Retirement Plan
  • Life Insurance
  • While on work from home setup: Internet and meal allowance are provided
  • Employee Assistance Program for mental and social well-being
  • Government-mandated Benefits (SSS, PhilHealth, PagIBIG, 13th month pay, Solo parent leave, Special leave for women)

Five9 embraces diversity and is committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better we are. Five9 is an equal opportunity employer.

View our privacy policy, including our privacy notice to California residents here:

Note: Five9 will never request that an applicant send money as a prerequisite for commencing employment with Five9.

This advertiser has chosen not to accept applicants from your region.

Incident Response Senior Associate

₱1200000 - ₱2400000 Y The Depository Trust & Clearing Corporation (DTCC)

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Are you ready to make an impact at DTCC?

Do you want to work on innovative projects, collaborate with a dynamic and supportive team, and receive investment in your professional development? At DTCC, we are at the forefront of innovation in the financial markets. We're committed to helping our employees grow and succeed. We believe that you have the skills and drive to make a real impact. We foster a thriving internal community and are committed to creating a workplace that looks like the world that we serve.

Pay And Benefits

  • Competitive compensation, including base pay and annual incentive.
  • Comprehensive health and life insurance and well-being benefits, based on location.
  • Pension / Retirement benefits
  • Paid Time Off and Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
  • DTCC offers a flexible/hybrid model of 3 days onsite and 2 days remote (onsite Tuesdays, Wednesdays and a third day unique to each team or employee).

The Impact You Will Have In This Role
Being a member of the Cyber Monitoring & Incident Response Team at DTCC, you directly contribute to the security and stability of the global financial system. The mission of the CMIRT is to protect the organization from external cyber threats and to respond to and manage cyber incidents. Through multiple teams located in different geographic locations, the team performs round-the-clock monitoring and leads cyber incident response, digital forensics, and eDiscovery functions. As a critical component of the risk organization, the team's performance and initiatives are scrutinized directly by the Executive Committee, Board of Directors, and numerous industry regulators. As a result of our critical mission, our team must maintain the highest standards of performance and ethical behavior.

Principles That Apply To Every Member Of The CMIRT

  • Have Integrity - Tell the truth, protect the secrets that we are trusted with, and honor your commitments.
  • Be Present – Commit to the team by showing up on time and being prepared.
  • Communicate – Communicate regularly and be proactive.
  • Take Ownership – Regardless of title or position, own the outcome of the mission.
  • Always Be Learning – Cyber security is not static, and neither is the CMIRT.
  • Make Honest Mistakes – Mistakes will be made. Own them and learn from them.

Your Primary Responsibilities
Reporting to the CMIRT Regional Manager and working with technical leads and other associates, you are responsible for detecting, investigating, and responding to cyber security events in the organization as well as handling technical projects. You are a member of the Cyber Monitor Incident Response Team (CMIRT) and as a result may be tasked with responding to cyber incidents outside of normal work hours.

Expectations For The Incident Response Senior Associate

  • Monitor, Detect, Analyze, research, and respond to cyber security events including Network events, OS Log events and forensic information.
  • Demonstrate strong grasp of forensic interpretation of data.
  • Perform eDiscovery and other technical tasks.
  • Independently lead investigations and small projects.
  • Act as Incident Commander on minor (P3-P4) incidents.
  • Train and mentor junior staff members.
  • Collaborate with stakeholders from other business units to conduct investigations, review plans and procedures, and respond to cyber incidents.
  • Participate in training, exercises, and process improvement program.
  • Occasionally travel to conferences, training, and other DTCC offices (up to 10%).
  • Participate in on-call rotation and occasional after-hours work.

**NOTE: The Primary Responsibilities of this role are not limited to the details above. **

Qualifications

  • At least four (4) years previous experience as a SOC analyst or similar role.
  • Bachelor's degree preferred or equivalent experience.

Talents Needed For Success

  • Demonstrate the ability to research and mentor team members on interpreting on OS log files, network logs, flow data, packets and other security data.
  • Knowledge on end to end Incident response process.
  • Demonstrate the ability to produce written reports including detailed analysis and recommendations.
  • Demonstrate the ability to convey complex technical concepts to both technical and non-technical audiences.
  • Knowledge on at-least one scripting language is advantageous.
  • Be a subject matter expert in a particular technology or security domain as well as have hands-on experience and knowledge of security tools such as SIEM, EDR, IDS, NDR.
  • Knowledge in DFIR best practices and Cloud security.
  • Intermediate to advanced level of Malware analysis skills in both sandbox and manual methods.
  • Demonstrate the ability to take minimal high-level requirements and independently produce and execute an action plan to accomplish tasks.
  • Demonstrate the ability to independently prioritize and manage multiple tasks.
  • Demonstrate a strong desire to achieve and contribute to a high-performing team.
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Security Operations Center Soc Analyst Jobs