237 Threat Analyst jobs in the Philippines
Cyber Threat Analyst
Posted today
Job Description
Job Description: Will perform hands-on investigations that require critical thinking and a broad understanding of multiple technologies and will support development of presentations and reports to document findings and will require good communication and interpersonal skills to convey findings in the technical proficiency level of the audience.
Job Qualifications:
- Candidate must possess at least a Bachelor's/College Degree, Computer Science/Information Technology, Engineering (Computer/Telecommunication) or equivalent.
- No work experience required.
- Must be willing to work in Makati, shifting schedule, and weekends/holidays
Cyber Threat Analyst
Posted today
Job Description
The Cyber Threat Analyst is responsible for detecting, analyzing, and mitigating cyber threats to safeguard the bank's digital assets. The role operates on a 24x7 shift rotation and involves monitoring, investigating, and responding to security events using SOC tools such as SIEM, IDS/IPS, and antivirus systems.
Key Responsibilities:
- Monitor, analyze, and respond to security alerts and incidents.
- Assess and manage exception requests and threat intelligence reports.
- Track compliance, hardening, and agent installation across bank assets.
- Conduct threat research, malware analysis, and forensic investigations.
- Support incident response and update security policies as needed.
- Promote information security awareness and best practices.
Qualifications:
- Graduate of any BS Information Technology and related course (fresh graduates are welcome to apply)
- Knowledge of SOC operations, SIEM tools, and cybersecurity frameworks.
- Strong analytical and problem-solving skills.
- Willing to work on a 24x7 rotating schedule, including weekends and holidays.
Cyber Threat Analyst
Posted today
Job Description
Yngen Datacom Corp. is seeking a diligent and technically proficient individual to join our team as a Cyber Threat Analyst. In this role, you will be responsible for monitoring, analyzing, and assessing potential threats across digital platforms and systems. Your expertise and attention to detail will play a vital role in identifying risks, strengthening our defenses, and ensuring the safety of our organization and its users.
If you have strong analytical skills, a passion for cybersecurity, and the drive to proactively address evolving threats, we'd love to have you on our team.
About the company:
Welcome to Yngen Datacom Corp. where outsourcing meets excellence and innovation. Our dedicated team of industry experts harnesses cutting-edge technology to deliver scalable solutions that drive business growth. Join us and experience the synergy of innovation and commitment, as we empower businesses worldwide to thrive.
Job Description:
We are seeking a diligent and technically proficient individual to join our team as a Malicious Content and Website Checker. In this role, you will be responsible for identifying and evaluating potentially harmful or malicious content across various digital platforms and websites. Your keen attention to detail and analytical skills will play a crucial role in safeguarding our organization and its users from cyber threats.
Responsibilities:
Content Analysis: Review and analyze digital content, including text, images, videos, and code, to identify malicious or harmful elements.
Website Evaluation: Assess websites and web applications for security vulnerabilities, phishing attempts, malware distribution, and other cyber threats.
Malware Detection: Utilize tools and techniques to detect and analyze malware, suspicious scripts, and unauthorized software.
Reporting: Document findings accurately and promptly, and provide detailed reports to stakeholders regarding identified threats and recommended actions.
Collaboration: Work closely with cybersecurity teams, content moderators, and IT personnel to address and mitigate identified risks.
Continuous Improvement: Stay updated on emerging threats, industry trends, and best practices related to cybersecurity and malicious content detection.
Requirements:
Experience: Knowledgeable in Cryptocurrency or Trading
Analytical Skills: Strong analytical and problem-solving abilities to effectively identify and assess security risks.
Attention to Detail: Meticulous approach to reviewing and analyzing content and websites for potential threats.
Communication Skills: Clear and concise verbal and written communication skills to report findings and collaborate effectively with team members
Location: Amenable to work in San Pedro Laguna
Cyber Threat Analyst
Posted today
Job Description
Job Description:
The Cyber Threat Analyst is responsible for performing hands-on investigations that require critical thinking and a broad understanding of multiple technologies and will support development of presentations and reports to document findings and will require good communication and interpersonal skills to convey findings in the technical proficiency level of the audience.
Job Qualifications:
- Candidate must possess at least a Bachelor's/College Degree, Computer Science/Information Technology, Engineering (Computer/Telecommunication) or equivalent.
- Must be willing to work in Makati, shifting schedule, and weekends/holidays.
Cybersecurity Governance, Risk, and Threat Analyst
Posted today
Job Description
Protect. Prevent. Empower. Be a Cybersecurity Governance, Risk, and Threat Analyst at Smartsourcing and keep businesses safe, compliant, and resilient.
Hi! We're Smartsourcing and we're on the lookout for a full-time and onsite Cybersecurity Analyst. Here, we exist to protect what matters most—people, data, and trust. This role strengthens that mission by combining governance, risk management, and threat intelligence to keep businesses resilient.
Where? JEG Tower, Archbishop Reyes, Corner Acacia St., Barangay Kamputhaw, Cebu City, 6000 Cebu
About the Role
The Cybersecurity Advocate, Risk & Threat Analyst strengthens the organization's security culture by combining awareness training, threat analysis, and compliance oversight. This role leads purple-team exercises, manages incidents, and drives security-first behavior to reduce risk and ensure regulatory alignment.
Key Responsibilities
Maintenance of Governance Framework
- Develop, update, and assist in the enforcement of cybersecurity policies, standards, and guidelines aligned with business objectives and regulatory frameworks.
- Management of cybersecurity process workflows.
Cybersecurity Awareness & Training
- Coordinate and deliver internal communication on cybersecurity awareness, updates, critical alerts and cybersecurity posture.
- Lead cybersecurity awareness training across departments, ensuring higher participation rates.
- Facilitate phishing simulations and training feedback loops.
- Ensure communication plans are tested and aligned with organizational policies.
- Ensure communication plans and cybersecurity training programs are tested and aligned with organizational policies and compliance requirements.
Threat and Risk Management
- Advise internal stakeholders on emerging risks and proactive mitigation strategies.
- Track and manage incidents ensuring incidents have updated documentation and reporting.
- Maintain compliance rates for Keeper usage, breach watch alerts and engagement across teams.
- Provide policy enforcement and support to all Departments
- Champion secure behavior, working closely with functional team leads to embed controls in day-to-day operations.
- Supports risk identification, assessment, and mitigation tracking.
- Perform and assist internal departments in business assessments to analyse risks and opportunities through appropriate tools.
Compliance, Audit & Reporting
- Champion compliance efforts across the business
- Lead compliance checks and audit preparation aligned with ISO 27001 and other regulatory standards.
- Produce structured reports for audits, team metrics, training KPIs, and incident summaries.
- Support documentation updates related to ISMS and audit tracking.
KNOWLEDGE & EXPERIENCE:
- Knowledge of threat detection and purple teaming concepts
- Experience in coordinating or delivering cybersecurity awareness training
- Familiarity with password management and security alert systems (e.g. Keeper)
- Working knowledge of ISO 27001 and regulatory frameworks
- Knowledge of incident management and SLA-based resolution practices
- Strong report-writing and KPI tracking experience
- Strong technical communication skills
- Solid understanding of the NIST Cybersecurity Framework
- Solid knowledge of threat intelligence and frameworks such as MITRE ATT&CK
- Effective communicator, with strong written and verbal presentation skills
- Ability to lead cross-departmental training programs
- Strong understanding of threat remediation tools and techniques
- Organized, with strong attention to documentation and audit-readiness
- Comfortable leading purple-team simulations and collaboration
- Capable of interpreting metrics and adapting strategy based on findings
- Able to interact with stakeholders in cross-functional teams.
- Good team player interested in sharing knowledge and cross-training other team members and shows interest in learning new technologies and products.
- Ability to create documents of quality.
Step Into the Smartsourcing Experience
Smartsourcing was created with one mission: to change lives. We're here to ensure that businesses flourish and, just as importantly, that every member of the crew is inspired, supported, and set up to thrive. For the fourth year running, we've been recognized as one of HR Asia's Best Companies to Work For. This award isn't just a title—it's a testament to our commitment to making Smartsourcing an incredible place to build a career.
Why You'll Love Working Here
At Smartsourcing, we believe the best work comes from people who feel seen, heard, and valued. That's why we're all about fostering an environment where you can be your true self. We take pride in being certified as a Great Place to Work, because we know that when you love where you work, extraordinary things happen. Here's just a glimpse of what we offer:
- Weekends are yours (we respect your time off)
- 5-day Christmas Leave (unwrap real time off)
- Healthcare from Day 1 for you and your family (because healthcare matters)
- Free lunch and barista-crafted coffee daily (we take our caffeine seriously)
- Night shift differential for evening schedules
- Subsidized gym membership and sports wellness clubs including hiking and free-diving
- Smartsourcing Exclusives (deals made just for you)
- Themed BFFs, monthly knockoffs, summer parties
- Community give-back programs and personal development workshops
- And so much more
We're not just another outsourcing company. We're building something that actually matters here – a place where good work meets good culture.
Secure your future while securing others. Apply now at Smartsourcing.
Threat Intelligence Analyst
Posted today
Job Description
Role: Threat Intelligence Analyst
Location : Mall of Asia, Pasay City
Work Type: Hybrid (1-2x a month)
Work Shift: Night Shift
Job Description:
Requirements: Threat Intelligence Analyst
Must have:
- College Graduate
- At least 1 year experience in Technical Writing and Research (Technical Writers)
- General knowledge or familiarity (even if not direct experience) with Threat Analysis and Threat Landscape, MITRE ATT&CK framework, OSINT research (Open-Source Intelligence) is a must
Nice to have (preferred, not a priority):
- Familiar with using JIRA
- Scripting knowledge
Note :
Interested candidates feel free to share your updated resume to
Threat Intelligence Analyst
Posted today
Job Description
Project Role : Threat Intelligence Analyst
Location : Pasay city
Requirements:
Must have:
- College Graduate
- At least 1 year experience in Technical Writing and Research (Technical Writers)
- General knowledge or familiarity (even if not direct experience) with Threat Analysis and Threat Landscape, MITRE ATT&CK framework, OSINT research (Open-Source Intelligence) is a must
Nice to have (preferred, not a priority):
- Familiar with using JIRA
- Scripting knowledge
Note: Interested candidate can directly reach out
Threat Intelligence Analyst
Posted today
Job Description
Job Title: Threat Intelligence Analyst
Position Summary
As a Threat Intelligence Analyst, you will research and analyze emerging cyber threats, produce concise analyst notes, and communicate findings to both technical and non-technical audiences. You will use open-source intelligence (OSINT) and internal tools such as the Recorded Future Intelligence Cloud to inform clients and internal stakeholders of the latest cyber threat activities, ensuring timely and actionable insights.
Key Responsibilities
Research & Analysis
- Conduct in-depth research on cyber threat events, using OSINT sources and the Recorded Future Intelligence Cloud.
- Identify and assess trending cyberattacks, including ransomware, phishing, software vulnerability exploitation, and other emerging threats.
- Map identified threats to frameworks such as MITRE ATT&CK and the diamond model of intrusion analysis.
Reporting & Writing
- Produce analyst notes referencing both open-source and internal intelligence, adhering to a clear, technical writing style.
- Ensure reports are concise, informative, and appropriately tailored for defenders, technical teams, and non-technical stakeholders.
- Publish analyst notes to the Recorded Future Intelligence Cloud, including all relevant entities (e.g., threat actors, malware, TTPs, MITRE IDs).
Collaboration & Communication
- Work closely with global Threat Intelligence Analyst teams (Philippines, Australia, UK, US) to refine and validate findings.
- Engage in team meetings to share updates, discuss guidance changes, and participate in ongoing training.
- Provide ad-hoc support or additional coverage as needed by the business.
Process & Best Practices
- Accurately document and interpret raw data, mapping it to recognized threat intelligence frameworks.
- Maintain up-to-date knowledge of the cyber threat landscape and emerging trends.
- Contribute to process improvements and share learnings/best practices within the team.
Must Have Qualifications
Experience
- At least one (1) year of professional experience in cybersecurity, cyber threat intelligence, or a closely related field, OR
- At least two (2) years of professional experience in technical writing, due diligence, risk assessments, physical threat intelligence, fraud intelligence, or any role requiring substantial report writing.
Technical & Analytical Skills
- Solid understanding of basic cyber threats (e.g., malware, phishing, trojans, botnets).
- Familiarity with OSINT research techniques and sources.
- Ability to accurately interpret raw data and translate it into clear, coherent reports.
Communication & Writing Skills
- Excellent English-language grammar and reading comprehension.
- Strong verbal communication skills in English.
- Demonstrable ability to produce structured, concise, and accurate written analysis tailored to different audiences.
- Preferred: Working proficiency (reading and writing) in Spanish or Portuguese
Soft Skills & Work Ethic
- Strong attention to detail and accuracy.
- Curiosity-driven approach to research and problem-solving.
- Ability to thrive in a collaborative, fast-paced environment.
- Flexibility to work different shifts, including possible night shifts, as required by the business.
- Strong organizational skills to handle multiple projects and deadlines.
Desirable (Nice to Have)
Technical Proficiency
- Prior hands-on experience with threat intelligence platforms or feeds.
- Familiarity with applying frameworks such as MITRE ATT&CK, the diamond model, CVE standards, and/or the cyber kill chain.
Industry Knowledge
- Up-to-date awareness of current trends and ongoing developments in cybersecurity and the broader threat landscape.
- Ability to propose actionable mitigations or defensive strategies based on threat intelligence findings.
- Special interest and demonstrated understanding of cybersecurity issues throughout Latin America
- In-depth knowledge of popular news sources, including technical publications, throughout Latin America.
Certifications
- Relevant cybersecurity or threat intelligence certifications (e.g., Security+, CySA+, GCTI, GCIA, CISSP, etc.).
Incident Response Analyst
Posted today
Job Description
The Incident Response Analyst will provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems in accordance with the firm's business objectives, regulatory requirements, and strategic goals.
Responsibilities
- Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team
- Receive, process, and resolve tickets per defined SLAs
- Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly
- Critically assess current practices and provide feedback to management on improvement opportunities
- Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets
- Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems
- Assist with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers
- Provide input into standards and procedures
- Report compliance failures to management for immediate remediation
- Maintain assigned systems to ensure availability, reliability, and integrity, including the oversight of current and projected capacity, performance, and licensing
- Provide status reports and relevant metrics to the Security Operations Manager
- Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors
- Participate in special projects as needed
Skills and Experience
Education
- Possess a Computer Science Bachelor's Degree or substantial equivalent experience
Special Requirements, Licenses, and Certifications (desirable but not required):
- GSEC, GCIH, GCFE, GREM
- CISSP or SSCP
Experience
- Some professional experience in information security with a focus on incident response and forensics
- Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody
- Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
- Broad understanding of TCP/IP, DNS, common network services, and other foundational topics
- Working knowledge of malware detection, analysis, and evasion techniques
- Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behavior, and provide recommendations for mitigating and detecting malware; Able to analyze suspicious websites, script-based and malware code
- Experience with vulnerability management tools such as Qualys, Nessus, or other vulnerability scanning discovery tools
- Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances
- Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks. Implement techniques to hunt for known and unknown threats based on available threat intelligence reports and knowledge of the attacker's TTPs
- Able to gather and analyze facts, draw conclusions, define problems, and suggest solutions
- Maintain critical thinking and composure under pressure
- Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents.
- Proficiency in oral and written English
- Capable of assisting with the preparation of internal training materials and documentation
- Able to be productive and maintain focus without direct supervision
- Passionate in the practice and pursuit of IR excellence
- Can exhibit a disciplined and rigorous approach to incident handling
- Willing to accommodate shift-based work for a global organization
- Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise
- Experience with digital forensics on host or network and identification of anomalous behavior on the network or endpoint devices. Familiar with host and network-based forensic tools such as EnCase, FTK, Sleuth Kit, X Ways, etc.
Incident Response Specialist
Posted today
Job Description
We are looking for a skilled Incident Response Specialist to lead the investigation and resolution of high-priority and escalated security incidents. In this role, you will work closely with internal teams to improve the bank's cybersecurity defenses and ensure timely response to threats.
What You'll Do
Incident Handling & Investigation
- Lead investigations of complex or escalated security incidents.
- Perform deep-dive forensic analysis, including root cause and post-incident reviews.
- Act as an escalation point for other analysts during critical security events.
- Analyze incidents to assess impact, risk, and potential data compromise.
Threat Containment & Response
- Lead threat containment, eradication, and recovery efforts.
- Identify malware behavior, compromised systems, and data infiltration attempts.
- Provide guidance to teams on remediation and recovery strategies.
- Communicate response plans clearly to asset owners and other stakeholders.
Threat Intelligence & Analysis
- Use threat intelligence to assess scope and impact of attacks.
- Analyze network traffic, malware, and suspicious behaviors to support investigations.
- Support Threat Hunting and SOC Tool teams with new detection methods.
Documentation & Playbooks
- Document incidents thoroughly from detection to resolution.
- Develop, update, and test incident response procedures and playbooks.
- Participate in simulations and response drills to ensure readiness.
Collaboration & Support
- Work with Infrastructure & Operations teams to resolve incidents.
- Collaborate with the SOC Manager and Incident Response Lead to improve processes.
- Review system metrics and monitoring data to identify trends and anomalies.
Tool Management & Continuous Improvement
- Evaluate, recommend, and troubleshoot security tools and technologies.
- Contribute to improving SOC policies, procedures, and overall maturity.
- Stay informed about new threats, vulnerabilities, and compliance requirements.
Additional Responsibilities
- Perform other tasks as assigned by the CTMD Head.
- Education: Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- Experience: Proven experience in incident response, malware analysis, and threat detection.
Technical Skills:
- Strong understanding of network, system, and application security.
- Hands-on experience with SOC tools, threat intelligence platforms, and forensic tools.
Soft Skills:
- Clear communication with both technical and non-technical stakeholders.
- Strong analytical, problem-solving, and decision-making abilities.
- Ability to perform under pressure and manage escalated incidents.
- Knowledge: Familiarity with regulatory requirements and cybersecurity frameworks (e.g., ISO, NIST, etc.).