58 Threat Intelligence jobs in the Philippines

Position:
Threat Intelligence Engineer

Location:
REMOTE in Philippines

Interview Process:
2 round interview process

Rate: $8-10hr

Must-haves:

• 2+ years of experience within an analytical role- background in cybersecurity preferred
• Experience with threat data collection and analysis, threat intelligence mapping and reporting
• Familiarity with common cybersecurity tools and platforms such as siems, threat intelligence platforms, and network monitoring

Day-to-day:

As a Threat Intelligence Engineer, you will support our cybersecurity team by analyzing, collecting, and sharing actionable threat intelligence to protect our organization's digital assets. You will collaborate across teams to identify emerging threats and assist in investigations and mitigation efforts. This role offers opportunities to work with cutting-edge cybersecurity technologies in a dynamic environment. This person will be responsible for Threat Data Collection, mapping and monitoring, research and investigation. This role requires the ability to conduct cross-team collaboration.

Role: Threat Intelligence Analyst

Location : Mall of Asia, Pasay City

Work Type: Hybrid (1-2x a month)

Work Shift: Night Shift

Job Description:

Requirements Threat Intelligence Analyst

Must have - College Graduate

- At least 1 year experience in Technical Writing and Research (Technical Writers)

- General knowledge or familiarity (even if not direct experience) with Threat Analysis and Threat Landscape, MITRE ATT&CK framework, OSINT research (Open-Source Intelligence) is a must

Nice to have - Preferred, not a priority - familiar with using JIRA

- Scripting knowledge

Note :

Interested candidates feel free to share your updated resume to

Job Description

Project Role : Threat Intelligence Analyst

Location : Pasay city

Requirements :

Must have - College Graduate

• At least 1 year experience in Technical Writing and Research (Technical Writers)

• General knowledge or familiarity (even if not direct experience) with Threat Analysis and Threat Landscape, MITRE ATT&CK framework, OSINT research (Open-Source Intelligence) is a must

Nice to have - Preferred, not a priority - familiar with using JIRA

• Scripting knowledge

Note: Interested candidate can directly reach out

Job Title: Threat Intelligence Analyst

Position Summary

As a Threat Intelligence Analyst, you will research and analyze emerging cyber threats, produce concise analyst notes, and communicate findings to both technical and non-technical audiences. You will use open-source intelligence (OSINT) and internal tools such as the Recorded Future Intelligence Cloud to inform clients and internal stakeholders of the latest cyber threat activities, ensuring timely and actionable insights.

Key Responsibilities

• Research & Analysis

• Conduct in-depth research on cyber threat events, using OSINT sources and the Recorded Future Intelligence Cloud.

• Identify and assess trending cyberattacks, including ransomware, phishing, software vulnerability exploitation, and other emerging threats.

• Map identified threats to frameworks such as MITRE ATT&CK and the diamond model of intrusion analysis.

• Reporting & Writing

• Produce analyst notes referencing both open-source and internal intelligence, adhering to a clear, technical writing style.

• Ensure reports are concise, informative, and appropriately tailored for defenders, technical teams, and non-technical stakeholders.

• Publish analyst notes to the Recorded Future Intelligence Cloud, including all relevant entities (e.g., threat actors, malware, TTPs, MITRE IDs).

• Collaboration & Communication

• Work closely with global Threat Intelligence Analyst teams (Philippines, Australia, UK, US) to refine and validate findings.

• Engage in team meetings to share updates, discuss guidance changes, and participate in ongoing training.

• Provide ad-hoc support or additional coverage as needed by the business.

• Process & Best Practices

• Accurately document and interpret raw data, mapping it to recognized threat intelligence frameworks.

• Maintain up-to-date knowledge of the cyber threat landscape and emerging trends.
• Contribute to process improvements and share learnings/best practices within the team.

Must Have Qualifications- Experience

• At least one (1) year of professional experience in cybersecurity, cyber threat intelligence, or a closely related field, OR

• At least two (2) years of professional experience in technical writing, due diligence, risk assessments, physical threat intelligence, fraud intelligence, or any role requiring substantial report writing.

• Technical & Analytical Skills

• Solid understanding of basic cyber threats (e.g., malware, phishing, trojans, botnets).

• Familiarity with OSINT research techniques and sources.

• Ability to accurately interpret raw data and translate it into clear, coherent reports.

• Communication & Writing Skills

• Excellent English-language grammar and reading comprehension.

• Strong verbal communication skills in English.
• Demonstrable ability to produce structured, concise, and accurate written analysis tailored to different audiences.
• Preferred: Working proficiency (reading and writing) in Spanish or Portuguese

• Soft Skills & Work Ethic

• Strong attention to detail and accuracy.

• Curiosity-driven approach to research and problem-solving.
• Ability to thrive in a collaborative, fast-paced environment.
• Flexibility to work different shifts, including possible night shifts, as required by the business.
• Strong organizational skills to handle multiple projects and deadlines.

Desirable (Nice to Have)

• Technical Proficiency

• Prior hands-on experience with threat intelligence platforms or feeds.

• Familiarity with applying frameworks such as MITRE ATT&CK, the diamond model, CVE standards, and/or the cyber kill chain.

• Industry Knowledge

• Up-to-date awareness of current trends and ongoing developments in cybersecurity and the broader threat landscape.

• Ability to propose actionable mitigations or defensive strategies based on threat intelligence findings.
• Special interest and demonstrated understanding of cybersecurity issues throughout Latin America

• In-depth knowledge of popular news sources, including technical publications, throughout Latin America.

• Certifications

• Relevant cybersecurity or threat intelligence certifications (e.g., Security+, CySA+, GCTI, GCIA, CISSP, etc.).

Join the Pioneer Crypto Brand in the Philippines

Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.

Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

We are seeking a skilled and motivated Cyber Threat Intelligence Analyst to strengthen our Security Operations team.

In this role, you will play a critical part in identifying, analyzing, and mitigating emerging cyber threats targeting the crypto and blockchain ecosystem.

The ideal candidate will combine technical expertise with strong analytical skills to transform intelligence data into actionable insights, directly enhancing the security posture of our exchange platform.

• Continuously monitor and assess emerging cyber threats, vulnerabilities, and exploitation techniques that may impact company systems and services.
• Conduct research on adversary tactics, techniques, and procedures (TTPs) to improve threat detection and strengthen defense strategies.
• Develop automation and data enrichment scripts (Python/Golang preferred) to process threat intelligence feeds and indicators.
• Collaborate with security engineers, incident responders, and other stakeholders to integrate intelligence into detection and response workflows.
• Build and maintain intelligence use cases, reports, and dashboards; provide clear and concise threat briefings to technical and executive audiences.
• Perform investigations into potential threats leveraging open-source, proprietary, and deep/dark web intelligence sources.
• Analyze and track crypto-related threats, including phishing campaigns targeting exchange users, wallet-based attacks, and fraud-related activities.

• At least 3 years of hands-on experience in cyber threat intelligence, security analysis, or related fields.
• Strong understanding of incident response processes, APT activity, insider threats, and related attack scenarios.
• Proven experience with threat intelligence platforms and producing actionable threat reports.
• Solid knowledge of networking fundamentals (TCP/IP, OSI layers), malware behavior, and the global threat landscape (e.g., nation-state actors, cybercrime groups).
• Familiarity with security technologies such as IDS/IPS, firewalls, SIEM, EDR, WAF, etc.

• Understanding of blockchain technology, crypto exchanges, and Web3 ecosystems.
• Prior threat intelligence experience specific to blockchain/Web3, including monitoring crypto-focused threat actors and attack vectors.

Join the Coins Team Now

Meaningful Collaborations - The successful candidate will work cross-functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience.

Scalable Growth - Be part of a fast-growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement.

A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes Coins culture welcomes new ideas backed up by data to create an impact.

The role of the candidate is to be a part of GIS Cybersecurity team to function as a Senior Manager in the Cyber Threat Intelligence Team.

The role requires to proactively investigate security events to identify artifacts of a cyber-attack detect advanced threats that evade traditional security solutions, threat actor-based investigations, creating new detection methodology, support incident investigations and monitoring functions. Threat hunting includes using both manual and machine-assisted capabilities, that aims to find the Tactics, Techniques and Procedures (TTPs) of advanced adversaries.

The candidate must have a curious investigative mindset, experienced in information security, and the ability to communicate complex ideas to varied stakeholders.

Roles and Responsibilities:

• Develop, document, and maintain cyber threat hunting framework
• Hunt and identify for threat actor groups, techniques, tools and procedures (TTPs)
• Perform threat hunting through analysis of anomalous log data to detect and mitigate cyber threat activities
• Actively develop threat hunting hypothesis, translating hunt activities into an iterative process, and automating the process of hunting for cyber threats.
• Review alerts generated by security monitoring tools and provide recommendation to enhance alerts for more efficient monitoring.
• Provide forensic analysis of network packet captures, DNS, proxies, malware, host-based security, and application logs, as well as logs from various data sources
• Provide expert investigative support during large scale and complex security incidents
• Analysis of security incidents to enhance security monitoring and alert catalogue
• Investigate and validate suspicious events by using open-source and proprietary intelligence sources.
• Document and communicate findings to an array of audiences which includes both technical and executive teams.
• Continuously improving processes and use cases on security monitoring tools
• Keep up to date with information security news, adversary techniques and threat landscape
• Support day-to-day operations, ensuring efficient delivery of Cyber Threat Intel services.
• Candidate may be asked to be involved in additional supporting role for strategical work and security related projects.

Minimum Job Requirements:

• Must have a minimum 6-8 years of experience in a technical security role in one of the following areas: Cyber Threat Intelligence, Cyber Threat Hunting, Cyber Incident Response, Malware Analysis, Purple Teaming
• Acquired relevant certifications: GCTI, CCIP, CIA
• Experience with researching and incorporating Cyber Threat Intelligence findings into threat hunting workflow
• Knowledge and experience working with MITRE ATTACK framework, Cyber Kill Chain Model or Diamond Model
• Proficiency in using threat intelligence platforms and OSINT tools.
• Knowledge of malware and threat actor's behavior, and how common protocol and applications work at network level.
• Experience with incident response process, including detecting advanced adversaries, log analysis and malware triage
• Good understanding in network protocols and system vulnerabilities.
• Knowledge and experience in developing detection signatures (YARA, SNORT)
• Highly capable in producing Threat Advisories and Intelligence Reports for Senior Management in a timely manner.

JOIN US NOW Be part of the Industry's certified GREAT PLACE TO WORK for and enjoy these comprehensive benefit package upon hire and upon regularization;

HMO with free 4 dependents (upon hire for Principal and upon regularization for the eligible dependents)

15 days VL and 15 days SL (Pro-rated for mid-year hire)

Guaranteed 14th-month pay

Annual Targeted Incentive (Performance Bonus)

Group Life Insurance

Protection benefits and a lot more w/c will be discussed during the job offer stage

#EmpowerYourCareer #EqualOpportunities

Why Join Us?

Check Point Infinity External Risk Management, otherwise known as Cyberint, continuously reduces external cyber risk by managing and mitigating an array of external cyber security threats with one unified solution.

We are looking for a
Cyber Threat Intelligence Analyst
to be an integral part of our Intelligence teams, combining both cutting-edge technology and advanced threat intelligence analysis methodologies to deliver high-impact briefings to our customers

Key Responsibilities

• Learning the customer needs and PIRs, configuring their tailored environments in the ERM intelligence platform and supporting the customers with tuning/training throughout engagement
• Monitoring and analyzing threats targeting customers, or issues in their digital exposure, in order to produce actionable intelligence alerts and reports.
• Investigating intelligence sources, threat actors, attack tools and techniques
• Identifying and developing ERM data sources to collect the most relevant intelligence (darknet, forums, social media, marketplaces, etc.) as well as creating and maintaining avatars on these.
• Developing the proprietary intelligence platform by surfacing new modules, capabilities and features
• Joining meetings with prospects and clients to present deliverables.
• Drive cooperation & feedback loops with other ERM teams

Qualifications

• 3-5 years experience with intelligence analysis processes (army included), including Open-Source Intelligence (OSINT) and Web Intelligence (WEBINT) gathering, link analysis, and threat actor profiling
• Inherent passion for Infosec and service excellence, understanding of cybersecurity
• Investigative and analytical problem-solving skills
• Knowledge of analytical tools, including excel
• Fluent English
• Infosec certifications an advantage
• Customer facing background an advantage

Join the Pioneer Crypto Brand in the Philippines
Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.

Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

We are seeking a skilled and motivated
Cyber
Threat Intelligence Analyst to strengthen our Security Operations team.

In this role, you will play a critical part in identifying, analyzing, and mitigating emerging cyber threats targeting the crypto and blockchain ecosystem.

The ideal candidate will combine technical expertise with strong analytical skills to transform intelligence data into actionable insights, directly enhancing the security posture of our exchange platform.

Responsibilities:

• Continuously monitor and assess emerging cyber threats, vulnerabilities, and exploitation techniques that may impact company systems and services
• Conduct research on adversary tactics, techniques, and procedures (TTPs) to improve threat detection and strengthen defense strategies
• Develop automation and data enrichment scripts (Python/Golang preferred) to process threat intelligence feeds and indicators
• Collaborate with security engineers, incident responders, and other stakeholders to integrate intelligence into detection and response workflows
• Build and maintain intelligence use cases, reports, and dashboards; provide clear and concise threat briefings to technical and executive audiences
• Perform investigations into potential threats leveraging open-source, proprietary, and deep/dark web intelligence sources
• Analyze and track crypto-related threats, including phishing campaigns targeting exchange users, wallet-based attacks, and fraud-related activities

Qualifications:

• At least 3 years of hands-on experience in cyber threat intelligence, security analysis, or related fields
• Strong understanding of incident response processes, APT activity, insider threats, and related attack scenarios
• Proven experience with threat intelligence platforms and producing actionable threat reports
• Solid knowledge of networking fundamentals (TCP/IP, OSI layers), malware behavior, and the global threat landscape (e.g., nation-state actors, cybercrime groups)
• Familiarity with security technologies such as IDS/IPS, firewalls, SIEM, EDR, WAF, etc

Plus Points:

• Understanding of blockchain technology, crypto exchanges, and Web3 ecosystems
• Prior threat intelligence experience specific to blockchain/Web3, including monitoring crypto-focused threat actors and attack vectors

Join the Coins Team Now
Meaningful Collaborations - The successful candidate will work cross-functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience.

Scalable Growth - Be part of a fast-growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement.

A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes Coins culture welcomes new ideas backed up by data to create an impact.

Lexmark is now a proud part of Xerox, bringing together two trusted names and decades of expertise into a bold and shared vision.

When you join us, you step into a technology ecosystem where your ideas, skills, and ambition can shape what comes next. Whether you're just starting out or leading at the highest levels, this is a place to grow, stretch, and make real impact—across industries, countries, and careers.

From engineering and product to digital services and customer experience, you'll help connect data, devices, and people in smarter, faster ways. This is meaningful, connected work—on a global stage, with the backing of a company built for the future, and a robust benefits package designed to support your growth, well-being, and life beyond work.

JOB SUMMARY:

We are seeking a highly analytical and proactive Cyber Threat Intelligence Analyst (CTI Analyst) to join our cybersecurity team. This role is critical in helping the organization stay ahead of cyber threats by gathering, analyzing, and translating threat data into actionable intelligence. The ideal candidate will have a deep understanding of adversary tactics, techniques, and procedures (TTPs), and will be skilled at turning complex data into clear insights that inform security strategy and operations.

KEY ROLES AND RESPONSIBILITIES:

• Monitor and Analyze Threat Landscape: Track emerging threats, malware campaigns, and threat actor activity across various sectors and geographies.
• Gather Intelligence: Collect data from open-source intelligence (OSINT), dark web forums, internal telemetry, and commercial threat feeds.
• Threat Attribution: Analyze and correlate data to identify threat actors and understand their motivations, infrastructure, and attack patterns.
• Produce Intelligence Reports: Create strategic, tactical, operational, and technical threat intelligence reports tailored to different stakeholders.
• Collaborate Across Teams: Work closely with SOC, incident response, and vulnerability management teams to integrate threat intelligence into detection and response workflows.
• Identify IOCs and Vulnerabilities: Document indicators of compromise (IOCs) and emerging vulnerabilities to support proactive defense.
• Maintain Intelligence Tools: Configure and manage threat intelligence platforms and automation tools to streamline analysis and reporting.
• Track APTs and Cybercriminal Groups: Monitor the activities of Advanced Persistent Threats (APTs) and cybercriminal organizations relevant to the business.

COMPETENCIES, SKILLS, KNOWLEDGE AND ABILITIES:

• Strong understanding of cyber threat intelligence concepts and frameworks (e.g., MITRE ATT&CK, Diamond Model).
• Experience with threat intelligence platforms (TIPs), SIEMs, and malware analysis tools.
• Excellent written and verbal communication skills, especially in translating technical data for non-technical audiences.
• Ability to work independently and collaboratively in a fast-paced environment.
• Must be highly motivated with the ability to self-start, prioritize, multi-task and work in a team setting with global peers.
• Possess a good technical understanding, takes initiative to remain up to date with cyber security skills, and fosters an attitude of continual learning/adapting.
• Knowledge of threat intelligence platform capabilities for operationalizing and delivering actionable intelligence to key groups and stakeholders to manage remediation.
• Strong communication skills, including clear verbal and written communication, collaboration, technical presentations, adaptability, and interpersonal skills.

EXPERIENCE, EDUCATION AND CERTIFICATION BASIC REQUIREMENTS:

• Bachelor's Degree (Cybersecurity, Computer Science, Information Systems, or related field)
• Professional Certifications: Preferred
• Certified Threat Intelligence Analyst (C|TIA) – EC-Council
• GIAC Cyber Threat Intelligence (GCTI) – GIAC
• Certified Information Security Manager (CISM) – ISACA
• Certified Ethical Hacker (CEH) – EC-Council

Job Types: Full-time, Permanent

Benefits:

• Company events
• Employee discount
• Flexible schedule
• Flextime
• Free parking
• Health insurance
• Life insurance
• On-site parking
• Opportunities for promotion
• Work from home

Work Location: In person