Cyber Security Analyst - Philippines

COMPANY OVERVIEW

Our client is a cybersecurity company built to help organizations reduce exploitable risk--fast, measurably, and defensibly. They combine a disciplined operating model for risk reduction with a platform-led approach that turns exposures and detections into prioritized remediation plans, validated outcomes, and executive-ready reporting.

Their methodology centers on Exposure-Driven Security Operations, wherein they identify what is truly exploitable, drive decisions on what matters most, and orchestrate the work required to reduce risk quarter over quarter. Our client operationalizes this through a repeatable cadence--weekly, monthly, quarterly, and annual--using EOS-style execution rhythms to ensure risk reduction is not a one-time project, but an ongoing program.

Our client's services are delivered as Managed Preemptive Detection & Response (MPDR) and structured risk reduction programs that connect security operations to the business outcomes leaders care about. Outcome is fewer critical exposures, faster decision cycles, and clear accountability. They partner directly with customer IT and security teams to plan remediation, guide execution without being the change implementer, and validate results so every quarter shows tangible progress, not noise.

They operate as a distributed company with teams in the United States, Mexico, and the Philippines, enabling always-on delivery and scalable operations. Their reporting and governance model is designed for executive stakeholders supporting CIO and CISO decision-making, and producing board-, lender-, and investor-grade narratives tied to measurable reduction in exposure and risk.

POSITION SUMMARY

They are seeking an enthusiastic and motivated individual to provide Managed Cyber Security Services to their valued customers. As a key member of the Optimization Engineering & Analytics team, you will be part of an integral group that is dedicated to protecting system resources from cyber-attacks and other online threats that could have devastating consequences for millions of end users.

Successful candidates will demonstrate foundational Network Security and System Administration with an advanced understanding across Endpoint Protection, Threat and Vulnerability Management, Security Automation, and Security Analysis.

KEY RESPONSIBILITIES

• Provide client-facing support of their 24x7 managed security services, including adherence and development of processes and operational frameworks.
• Ability to work assigned shift, covering alternate shifts as needed.
• Analyze, escalate, and assist in the remediation of critical information security incidents.
• Assist with the integration, deployment, on-boarding and management of endpoint defense and attack surface managed customers.
• Perform real-time alert monitoring and analyze security event data from network and endpoint environments, peer analysts, customer platforms, and other data sources.
• Provide Incident Response (IR) support and assist customers remediation guidance.
• Review procedures relating to Cyber threat intelligence, monitoring, incident response, attack surface reduction, and design automated actions to accelerate the triage, validation, eradication, and remediation of security incidents.
• Leverage expertise in leading security operations tools and industry standard scripting languages to effectively write playbooks in security orchestration, automation, and response.
• Collaborate with team members to create, maintain, and manage a library of automated playbooks for common information security threats and customize these plans for client specific environments.
• Actively identify areas of improvement within the processes of the Security Operations Center and Cyber Incident Response with the goal of decreasing response times, increasing effectiveness, eliminating waste, and streamlining security operations.
• Integrate new security platform functionality with existing systems and automated processes as threats and controls evolve.
• Create well documented and clearly articulated code/ scripts, process, and service documentation.
• Perform health checks and optimization activities on client security technologies or systems.
• Determine information security risk and facilitate remediation actions of identified vulnerabilities and security risk across the enterprise.
• Other, as needed.

MINIMUM QUALIFICATIONS

• 4+ years of IT experience.
• 3+ years of Cyber Security experience.
• Advanced operating systems experience, in 2 or more of the following: Microsoft, MacOS, Linux.
• General network security and troubleshooting knowledge.
• Foundational scripting knowledge preferred in any of the following: PowerShell, Python, Bash.
• In-depth knowledge of TCP/IP, UDP, DNS, FTP, SSH, SSL/TLS, and HTTP Protocols, network analysis, and network/security applications.
• Good knowledge of common malware threats and attack methodologies.
• Passionate about emerging threats and security tools/technologies.
• Malware and Threat analysis.
• Incident Management.
• Able to work under general to minimal supervision.

PREFERRED QUALIFICATIONS

• 3+ years of experience with endpoint security tools (Trellix ePO, Trellix ENS, Trellix EDR, Trellix HX, CrowdStrike, Microsoft Defender, Microsoft ATP, SentinelOne).
• 3+ years managing security endpoints.
• 3+ years of experience with SIEM management and tuning in one or more of the following: LogScale formerly Humio, Splunk, Trellix Helix, Trellix ESM, Azure Sentinel, Elastic SIEM, Chronical, or Devo.
• Experience with Windows patch management tools (Automox, SCCM, SolarWinds, GFI Languard, etc.) a plus.
• Experience creating detection rules in a one ore more SIEM technologies
• Certifications a plus: CEH, CRISC, CISA, CGEIT, CISSP, CIPP, GMON, GHIA, GCIH.
• Bachelor’s Degree (Math, CS, and Engineering), preferred.
• Excellent knowledge of security methodologies, processes (i.e., Cyber Kill Chain/Diamond Models, and the MITRE ATT&CK framework).