17 Threat Analyst jobs in the Philippines

COMPANY PROFILE: A well-established BPO company that is well-committed in providing business outsourcing needs to its clients
br>Position: Cyber Threat Analyst
Company Industry: IT Company
Work Location: Pasay City
Work Schedule: Monday-Friday
Salary: Php 45,000-60,000
Work Set Up: Hybrid Setup

JOB REQUIREMENTS:
Bachelor's degree in Computer Science, Information Technology, or Cyber Intelligence.
6 months to 1 year of experience in Technical Writing, Threat Analysis, and Threat Landscape.
Strong understanding of cyber threats and the evolving threat landscape.
Familiarity with cybersecurity terminology and industry trends.
Knowledge of the MITRE ATT&CK framework.

JOB RESPONSIBILITIES:
Prepare daily intelligence reports.
Analyze client-specific data to assess potential infrastructure threats.
Collect and evaluate cyber threat incident information to enhance client security.
Monitor and stay up to date on emerging cyber threats and industry trends.
Identify and report on significant cyber threat events for the Weekly Threat Landscape while tracking ongoing research areas that require further exploration.

RECRUITMENT PROCESS: (ONLINE)

We're Hiring: Threat Intelligent Analyst
MOA, Pasay | Hybrid (1-2x a month) | Night Shift br>
QUALIFICATIONS:
- College graduate
- At least 1 year experience in Technical Writing and Research (Technical Writers)
- Must have general knowledge or familiarity (even if not direct experience) with Threat Analysis and Threat Landscape, MITRE ATT&CK framework, OSINT research (Open-Source Intelligence)
- Familiar with using JIRA
- Scripting Knowledge

Interested applicants may send their CV/resume

We are hiring!
br>Position: THREAT INTELLIGENCE ANALYST

Work Address: MOA, Pasay
Work Set-up: Hybrid (2-4x a month onsite)
Work Schedule: Night Shift
Work Type: Full time

DUTIES and RESPONSIBILITIES:

Research & Analysis
• Conduct in-depth research on cyber threat events, using OSINT sources and the < r>Recorded Future Intelligence Cloud.
• Identify and assess trending cyberattacks, including ransomware, phishing, software < r>vulnerability exploitation, and other emerging threats.
• Map identified threats to frameworks such as MITRE ATT&CK and the diamond model of < r>intrusion analysis.

Reporting & Writing
• Produce analyst notes referencing both open-source and internal intelligence, adhering to < r>a clear, technical writing style.
• Ensure reports are concise, informative, and appropriately tailored for defenders, technical < r>teams, and non-technical stakeholders.
• Publish analyst notes to the Recorded Future Intelligence Cloud, including all relevant < r>entities (e.g., threat actors, malware, TTPs, MITRE IDs).

Collaboration & Communication
• Work closely with global Threat Intelligence Analyst teams (Philippines, Australia, UK, US) < r>to refine and validate findings.
• Engage in team meetings to share updates, discuss guidance changes, and participate in < r>ongoing training.
• Provide ad-hoc support or additional coverage as needed by the business. < r>
Process & Best Practices
• Accurately document and interpret raw data, mapping it to recognized threat intelligence < r>frameworks.
• Maintain up-to-date knowledge of the cyber threat landscape and emerging trends. < r>• Contribute to process improvements and share learnings/best practices within the team < r>
QUALIFICATIONS:

• At least one (1) year of professional experience in cybersecurity, cyber threat intelligence, < r>or a closely related field, OR least two (2) years of professional experience in technical
writing, due diligence, risk assessments, physical threat intelligence, fraud intelligence, or
any role requiring substantial report writing.
• Solid understanding of basic cyber threats (e.g., malware, phishing, trojans, botnets). < r>• Familiarity with OSINT research techniques and sources. < r>• Ability to accurately interpret raw data and translate it into clear, coherent reports. < r>• Excellent English-language grammar and reading comprehension. < r>• Strong verbal communication skills in English. < r>• Demonstrable ability to produce structured, concise, and accurate written analysis tailored < r>to different audiences.
• Preferred: Working proficiency (reading and writing) in Spanish or Portuguese < r>• Strong attention to detail and accuracy. < r>• Curiosity-driven approach to research and problem-solving. < r>• Ability to thrive in a collaborative, fast-paced environment. < r>• Strong organizational skills to handle multiple projects and deadlines < r>
NICE-TO-HAVE QUALIFICATIONS:

• Prior hands-on experience with threat intelligence platforms or feeds. < r>• Familiarity with applying frameworks such as MITRE ATT&CK, the diamond model, CVE < r>standards, and/or the cyber kill chain.
• Up-to-date awareness of current trends and ongoing developments in cybersecurity and < r>the broader threat landscape.
• Ability to propose actionable mitigations or defensive strategies based on threat < r>intelligence findings.
• Special interest and demonstrated understanding of cybersecurity issues throughout Latin < r>America
• In-depth knowledge of popular news sources, including technical publications, throughout < r>Latin America.
• Relevant cybersecurity or threat intelligence certifications (e.g., Security+, CySA+, GCTI, < r>GCIA, CISSP, etc.).

BENEFITS OFFERED:

• VL/SL credits < r>• Certified Great Place to Work < r>• Hybrid Work Set-up < r>• Equipment is provided (Laptop/Desktop) < r>• HMO coverage (2 dependents) < r>• Work-life Balance < r>• Telecommunication Allowance for Team Leaders and Up < r>• Competitive Salary Package < r>• Performance-based Bonuses (Quarterly)

We're Hiring: Vulnerability Analyst
MOA, Pasay | Hybrid (1 - 2x a month RTO) | Midshift br>
Requirements:
- B.S. equivalent in Computer Science, Information Systems, or Cyber Intelligence.
- 1-2 years of minimum professional experience in cybersecurity, with a focus on threat detection, penetration testing, or vulnerability assessment.
- possess a solid grasp of fundamental cybersecurity principles, attack trajectories, and techniques for vulnerability analysis.
- practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain.
- familiarity with and use of common cyber threat intelligence tools such as Domain Tools, VirusTotal, Shodan, etc.

Preffered Qualifications:
- Experience creating Nuclei templates.
- Practical experience with network and web application penetration testing tools, such as Burp Suite, Nmap, Fiddler, ZAP, Metasploit, and Wireshark.
- Familiarity with scripting and programming languages such as YAML, Python, Golang, JavaScript, C, etc.
- Prior experience within a quick reaction or incident response team environment.
- Familiarity with malware detections, including YARA, Sigma, and Snort.

Interested applicants may send their application. Please indicate your contact number and email address. Thank you!

COMPANY PROFILE: A well-established BPO company that is well-committed in providing business outsourcing needs to its clients
br>Position: Vulnerability Analyst
Company Industry: IT Company
Work Location: Pasay City
Work Schedule: Monday-Friday
Salary: Php 60,000 - Php 70,000 gross
Work Set Up: Hybrid Setup

JOB REQUIREMENTS:
Bachelor’s degree in Computer Science, Information Security, or related field < r>Experience with vulnerability assessment tools
Knowledge of security frameworks, compliance standards, and best practices
Strong analytical and problem-solving skills
Good communication and reporting skills

Recruitment Process: Online Process until Job Offer

This is Direct Hiring!

COMPANY PROFILE: A well-established BPO company that is well-committed in providing business outsourcing needs to its clients
Position: Vulnerability Assessment Analyst br>Company Industry: BPO Company
Work Location: MOA Pasay
Work Schedule: Mid Shift (4:00 PM or 5:00 PM)
Salary: Php 60,000 – Php 70,000 < r>Work Set Up: Hybrid (1–2 times a month Return-to-Office) < r>
JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Systems, Cyber Intelligence, or related field
• E perience creating Nuclei templates < r>• P actical experience with network and web application penetration testing tools such as: Burp Suite, Nmap, Fiddler, OWASP ZAP, Metasploit or Wireshark. < r>
JOB RESPONSIBILITIES:
• C nduct regular vulnerability assessments and support mitigation strategies < r>• I entify, analyze, and report on potential security threats < r>• C llaborate with internal teams to improve overall system security < r>• M intain and update security tools and scripts used for threat detection < r>• A sist in incident response and remediation activities < r>
RECRUITMENT PROCESS: (ONLINE)
HR Interview
Technical Assessment
Hiring Manager Interview
Job Offer

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

**Company Description**
**Work with Us. Change the World.**
At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.
There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.
We're one global team driven by our common purpose to deliver a better world. Join us.
**Job Description**
**Job Brief**
The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company's systems of internal controls that guide company activities toward accomplishing key business objectives.
**Duties and Responsibilities**
+ Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
+ Perform test of design and operating effectiveness of controls
+ Effectively communicate audit results to management
+ Work with stakeholders to develop actions plans that address root cause of findings
+ Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
+ Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
+ Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
+ Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
+ Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.
**Qualifications**
**Minimum Requirements**
+ Bachelor's degree in management information systems, computer science, accounting, finance, or other IT related fields is required
+ 2-4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
+ Must have strong verbal and written communication skills; fluency in English is required
+ Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
+ Ability to travel up to 30% including international travel (valid passport required)
+ Professional certifications (e.g., CIA, CISA, CISSP) are preferred
**Additional Information**
Shift schedule: Morning shift (9AM to 6PM)
**About AECOM**
AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients' complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle - from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.
**What makes AECOM a great place to work**
You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you'll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you've always envisioned. Here, you'll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
**ReqID:** J10134928
**Business Line:** Geography OH
**Business Group:** DCS
**Strategic Business Unit:** GBS
**Career Area:** Finance
**Work Location Model:** Hybrid
**Legal Entity:** AECOM Global Business Services - Philippines ROHQ

Position Overview:
As a Security Architect, you will engage across various domains within information security, focusing on: br>Evaluating and auditing existing security controls and solutions.
Designing and implementing new security measures.
Providing expert counsel within the department and beyond.
Assisting in the design and optimization of our SIEM/MDR solutions.
Conducting risk assessments for infrastructure, applications, and vendors.

Qualifications:
Bachelor's degree in any field; degrees in Information Security, Computer Science, or Software Engineering preferred but not mandatory.
Certifications such as Azure Architect, Azure Security, OSCP, OSEP, CISSP, Security+, ISO 27001, CISM, or CRISC are advantageous but not required.
Excellent English communication skills.
Knowledge in areas such as:
Risk Management
Third-Party Risk Management
Control Management
Security Frameworks (ISO 27001/27002/27005, NIST 800-53, NIST CSF)
Policy and Procedure Development
Infrastructure and Cloud Security (Azure)
MDR/SIEM/Log Analytics
Incident Response
Vulnerability and Penetration Testing
Identity and Access Management (IAM)
Technical Security and Risk Assessments
Disaster Recovery Planning
Willingness to engage with the CISO on professional matters.