211 System Security jobs in the Philippines

• Azure Infrastructure & Security: NSGs, Routing, Peering, Private Endpoints, Firewalls, WAFs, Sentinel
• Networking: Cisco, FortiGate, VPN, Hybrid Connectivity, Network Security
• IAM & PAM: Azure AD, Conditional Access, RBAC, Azure PIM, CyberArk, BeyondTrust
• Automation & Scripting: PowerShell, Infrastructure as Code (IaC)
• Virtualisation: VMware, Hyper-V
• Security Standards & Compliance: Essential 8, NIST, SOCI
• SIEM & Log Management: Azure Sentinel, Security log ingestion

Let's be #BrilliantTogether

Overview
The role's primary focus is protecting the Firm's information security interests, leveraging advanced security tools and applications. As part of the Information Security Office (ISO), this role will work closely with technology functions to identify areas of improvement and supporting initiatives to promote information security within the organization.

Responsibilities

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.
• Troubleshooting Security and network related problems.
• Responding to all system and/or network security issues.
• Ensuring the organization's data and infrastructure are protected by enabling the appropriate security controls.
• Participating in the change management process.
• Testing and identifying network and/or system security vulnerabilities.
• Evaluating the organization's security requirements and establishing best practices and standard accordingly.
• Daily administrative tasks, reporting, and communication with the relevant stakeholders in the organization.

Required Qualifications- Bachelor's degree in information technology or a related IT course.
- At least 4–6 years of experience in Security Engineering, including establishing and monitoring information security controls.
- Minimum of 4 years of hands-on experience with at least 1 or more of the following security tools and technologies:

• Zscaler Cloud Security
• Microsoft Sentinel
• Microsoft Defender Suites (Identity, Endpoint, Security, Cloud, etc.)
• CyberArk Privileged Access Management (PAM)
• Tenable Vulnerability Management
• Physical Security
• Excellent verbal and written communication skills, with the ability to coordinate effectively with vendors and global teams. Proven and strong technical writing capability – candidates should be prepared to provide and/or discuss writing samples.
• Strong administrative capabilities in task development, time management, and resource allocation to meet target deadlines.
• Demonstrated troubleshooting, follow-through, and critical-thinking skills.
• High level of risk intelligence and security awareness.
• Relevant vendor and/or vendor neutral certification(s) such as Microsoft Security Operations Analyst (SC-200), Microsoft Cybersecurity Architect (SC-100), CyberArk Trustee / CyberArk Defender / CyberArk Sentry / CyberArk Guardian, Zscaler Digital Transformation Administrator (ZDTA) / Zscaler Digital Transformation Engineer (ZDTE), CASP+, ISC2 SSCP.

Work Shift and Arrangement

• Embrace a dynamic work environment to work on a mid-shift (2:00PM-11:00PM PHT) or graveyard shift (11:00PM-8:00AM PHT).
• On-call rotation participation.
• Amenable to go on a hybrid working arrangement (at least 3 days work onsite per week) and work in Makati City.

What You Can Expect From Us
At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally.

Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success.

Let's empower, collaborate, and inspire.

Let's be #BrilliantTogether.

About ISS STOXX
ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit.

Visit our website:

View additional open roles:

Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.

Job description:

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.

What You'll Do

• Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
• Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
• Simulate real-world attacks and design potential attack paths.
• Test and analyze security controls like WAFs, rate limits, and authentication systems.
• Document findings clearly to help engineers fix issues quickly.
• Explore edge cases and scenarios often missed by automated tools.

What We're Looking For

• Proven experience in penetration testing of web apps and APIs.
• Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
• Expertise in AuthN/AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
• Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
• Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python/Bash).
• Ability to think like an attacker and uncover hidden risks.

About the Role

We are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.

What You'll Do

• Perform manual security testing on web applications and APIs (REST, GraphQL, gRPC).
• Identify vulnerabilities such as logic flaws, authentication bypasses, and chained exploits.
• Simulate real-world attacks and design potential attack paths.
• Test and analyze security controls like WAFs, rate limits, and authentication systems.
• Document findings clearly to help engineers fix issues quickly.
• Explore edge cases and scenarios often missed by automated tools.

What We're Looking For

• Proven experience in penetration testing of web apps and APIs.
• Strong knowledge of HTTP, cookies, sessions, JWTs, CORS, and authentication flows.
• Expertise in AuthN/AuthZ vulnerabilities (OAuth, IDOR, BOLA, SSO bypass).
• Familiarity with API attack methods (replay attacks, schema issues, parameter pollution).
• Proficiency with tools like Burp Suite Pro, Postman, sqlmap, jwt_tool, and scripting (Python/Bash).
• Ability to think like an attacker and uncover hidden risks.

Join us and enjoy benefits designed to help you thrive:

• Flexible hybrid work setup (1-2 days/month onsite reporting)
• IT Equipment provided
• HMO coverage starting from Day 1 for you and FOUR FREE dependents
• Attractive retirement package with company matching
• Life and Accident Insurance starting Day 1
• 24 Annual PTOs, additional 6 once you reach your 5th year with us
• Competitive benefits with annual merit increase and incentives
• Continuous improvement for our employees (workshops, certification programs, learning sessions, etc.)

The Security Engineer I will perform tasks centered on network environments and will be part of SOC team, building experience while leveraging the team's expertise to accelerate learning and understanding of the SOC and Information Security. The role will protect IT infrastructure from a range of cyber threats. Monitor networks and systems, detect security threats ('events'), analyze and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity.

• Monitor and respond to security alerts generated by technologies such as SIEM, IDS, EDR or security reports sent directly to the information security mailboxes within a given SLA
• Performing triage, in-depth analysis and investigation as guided by processes and playbooks
• Assist with incident response and post incident reviews
• Respond to security related service requests
• Conduct security investigations using historical data
• Conduct investigations with a wide range of data sets across multiple customer environments
• Develop and maintain a strong relationship with the client, IT and Information Security teams.

Requirements

• Bachelor's Degree holder
• Excellent communication skills
• Ability to work on a shift rotation, including working regular weekends and nightshifts
• a passion for cyber security and a keen interest in IT
• an understanding of the cyber security risks associated with various technologies and ways to manage them
• a good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
• analytical and problem-solving skills to identify and assess risks, threats, patterns and trends
• verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
• written communication skills, for example to write technical reports
• excellent attention to detail

A leading financial institution is seeking a Security Engineer (SIEM) to join their expert cybersecurity team in Taguig.

This is an exceptional opportunity for you to play a pivotal role in safeguarding digital assets, ensuring robust threat detection, and supporting the continuous evolution of security monitoring capabilities. The organisation offers a collaborative environment where your technical expertise will be valued, and your contributions will directly impact the safety and resilience of critical systems. You will benefit from flexible working opportunities, access to ongoing training, and the chance to work alongside knowledgeable professionals who are committed to nurturing talent and fostering professional growth. If you are passionate about defending against cyber threats and eager to make a meaningful difference within a supportive network, this position provides the perfect platform for your next career move.

• Join a highly skilled cybersecurity team dedicated to protecting vital digital infrastructure and responding proactively to emerging threats across the organisation.
• Enjoy flexible working opportunities, comprehensive training programmes, and the support of experienced colleagues who value knowledge sharing and professional development.
• Contribute directly to the enhancement of security operations by leveraging advanced SIEM technologies, collaborating with cross-functional teams, and participating in continuous improvement initiatives.

What You'll Do
As a Security Engineer Security (SIEM), you will immerse yourself in hands-on cybersecurity operations that are essential for real-time threat detection and rapid incident response. Your day-to-day responsibilities will involve administering sophisticated SIEM solutions, optimising detection rules, conducting forensic investigations when necessary, and integrating up-to-date threat intelligence into monitoring workflows. You will collaborate with cross-functional teams to ensure that incident handling is seamlessly embedded throughout the organisation's operations. In addition to supporting both defensive strategies—such as managing firewalls or endpoint protections—and offensive measures like penetration testing simulations, you will also contribute significantly to developing standardised playbooks for incident response. By continuously refining these procedures based on lessons learned from actual events, you will help drive improvements in overall security posture. Your ability to communicate findings clearly with stakeholders ensures that everyone remains informed about current threats while aligning security efforts with broader organisational objectives.

• Detect, escalate, and remediate cybersecurity incidents efficiently while ensuring minimal disruption to business operations through effective incident management processes.
• Conduct thorough investigations into security events, perform root cause analyses, and participate in post-incident reviews to strengthen organisational defences.
• Collaborate closely with various internal teams to ensure seamless integration of incident handling procedures across all operational areas.
• Perform forensic analysis and malware investigations as required to uncover the source and impact of security breaches.
• Engage in proactive threat hunting activities to identify anomalies, suspicious behaviours, and potential breaches before they escalate into significant incidents.
• Analyse new threats, vulnerabilities, and attack vectors in order to anticipate risks and adapt security measures accordingly.
• Integrate actionable threat intelligence into SIEM rulesets and workflows within the Security Operations Centre (SOC) environment.
• Support both defensive measures such as firewall rule management, endpoint protection strategies, patching protocols as well as offensive techniques like penetration testing and simulation exercises.
• Operate, maintain, and optimise SIEM platforms along with other SOC technologies to ensure high availability, accuracy, and effectiveness of security monitoring tools.
• Develop and refine incident response playbooks for various attack scenarios while maintaining clear documentation of SOC activities, incidents, and processes.

What You Bring
To excel as a Security Engineer (SIEM), you will bring substantial hands-on experience from previous roles focused on security operations centres or similar environments. Your academic background should include at least a bachelor's degree in computer science or related fields complemented by industry-recognised certifications that demonstrate your commitment to professional excellence. You have developed deep familiarity with SIEM technologies alongside other core security tools such as IDS/IPS systems firewalls antivirus solutions enabling you to monitor detect analyse respond swiftly to evolving threats. Your approach combines rigorous analytical thinking with strong interpersonal skills allowing you to work collaboratively across departments while communicating complex technical issues clearly. Experience conducting forensic investigations root cause analyses post-incident reviews further enhances your ability to protect organisational assets proactively. If you have previously supported or mentored less experienced colleagues your nurturing attitude will be welcomed within this inclusive team environment.

• Bachelor's or master's degree in computer science, information technology, cybersecurity or a related discipline is required for this role.
• At least one recognised professional certification such as Security+, ECIH, GCIH, CySA+, CSA, CFR, CISM or CISSP is mandatory; additional certifications are highly desirable.
• A minimum of five years' proven experience working within a security operations role or similar capacity is essential for success in this position.
• Demonstrated expertise in incident response management including escalation procedures and remediation strategies is expected.
• Hands-on experience with key security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software suites and especially SIEM platforms is crucial.
• Comprehensive understanding of cybersecurity principles including best practices for threat detection monitoring vulnerability assessment risk mitigation compliance requirements etc.
• Proficiency in conducting forensic analysis malware investigations root cause assessments post-incident reviews is highly valued.
• Strong analytical skills combined with excellent problem-solving abilities enable you to respond effectively under pressure during complex incidents.
• Outstanding communication skills facilitate collaboration with internal teams stakeholders external partners ensuring alignment on security objectives policies procedures etc.
• Experience mentoring junior analysts or providing guidance within a SOC environment would be considered an advantage though not strictly required.

What Sets This Company Apart
This organisation stands out for its unwavering commitment to building a secure digital future through teamwork knowledge sharing and continuous learning. Employees benefit from flexible working arrangements designed to promote work-life balance alongside generous training opportunities that encourage ongoing professional development. The company fosters an inclusive culture where every voice is heard contributions are valued equally regardless of background or level of experience. With access to cutting-edge technologies supportive leadership structures and a dependable network of peers you can expect both personal satisfaction and career advancement as part of this respected institution's cybersecurity function. Their dedication extends beyond technical excellence—they prioritise empathy collaboration kindness loyalty among team members creating an environment where everyone feels empowered supported motivated by shared goals. If you seek more than just another job but rather a place where your expertise makes a tangible difference while being surrounded by considerate colleagues this is the ideal setting for your next chapter.

What's Next
If you are ready to take on an impactful role where your skills truly matter we invite you to explore this exciting opportunity further

Apply today by clicking on the link provided—your journey towards making a real difference in cybersecurity starts here.

Due to the high volume of applications we are experiencing, our team will only be in touch with you if your application is shortlisted.

The position will play a critical role in our IT security team, focusing on the safeguarding of our computer networks and systems. This role involves assessing our security measures, identifying vulnerabilities, implementing security solutions, and responding to security breaches. The ideal candidate will have a strong foundation in information security principles, be detail-oriented, and possess excellent problem-solving skills.

Key Responsibilities

• Monitor our network for security breaches and investigate a violation when one occurs.
• Install and use software, such as firewalls and data encryption programs, to protect sensitive information.
• Perform vulnerability testing, risk analyses, and security assessments.
• Plan, implement, and upgrade security measures and controls.
• Develop and document security policies and procedures.
• Conduct internal and external security audits.
• Manage network, intrusion detection, and prevention systems.
• Analyze security breaches to identify the root cause.
• Coordinate with different departments to improve security.
• Stay updated on the latest intelligence, including hackers' methodologies, to anticipate security breaches.
• Provide technical advice to colleagues on how to securely develop and maintain computer systems.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• Preferrably with Professional Certification as Google Cloud Security Engineer.
• Proven work experience as a Senior Security Engineer or similar role.
• Familiarity with various operating systems and databases.
• Experience in using security tools and technologies.
• Knowledge of patch management, firewalls, and intrusion detection/prevention systems.
• Understanding of secure coding practices, ethical hacking, and threat modeling.
• Excellent problem-solving and communication skills.