
Vulnerability Analyst
22 hours ago
Overview
Vulnerability Analysts aid in the identification, assessment, and communication of new and emergent threats in the cybersecurity landscape, specifically vulnerability intelligence and detections. As a Vulnerability Analyst, you will be expected to familiarize yourself with high-impact and critical vulnerabilities, proofs-of-concept, and reports of in-the-wild exploitation, producing and reviewing intelligence summaries accessible to Client's customers.
Specific Duties and Responsibilities- Vulnerability Lead Identification and Analysis: You will be tasked with the prompt identification, analysis, and comprehensive assessment of emerging cybersecurity threats, specifically recently disclosed or exploited vulnerabilities.
- Subject Matter: Your technical prowess will be crucial in ensuring our preparedness for potential risks and understanding the implications of prompt and thorough analysis of high-impact vulnerabilities.
- Key Detail Identification: During research, identify and take note of infection chains, host and network IoCs, malware samples, threat actors, exposed vulnerable instances, publicly available proofs-of-concept, and MITRE ATT&CK tactics and techniques
- Author Insikt Notes: Write TTP Instances detailing identified vulnerability leads. TTP Instances include a combination of information from open-source reporting and your own analysis (i.e. code review). Each TTP Instance should comprehensively address the nature of the threat, its potential impact, suggested mitigation strategies, and a succinct summary for quick referencing.
- Cadence and Quality: Write at least 2 TTP Instance notes daily with minimal grammatical or syntax errors. Plagiarism is not acceptable.
- Detection Engineering: Design and develop Nuclei templates for vulnerability scanning, ensuring these templates are tailored to detect new and emerging vulnerabilities efficiently. Cadence: Create at least 1 Nuclei template per month with assistance from our Senior Vulnerability Analyst. Delivery: Nuclei templates will be delivered alongside a TTP Instance.
- Information Security: Adhere to and implement quality and information security policies and carry out its processes and procedures accordingly.
- Protect client-supplied and generated-for-client information from unauthorized access, disclosure, modification, destruction, or interference.
- Carry out tasks as assigned and aligned with particular processes or activities related to information security.
- Report any potential or committed non-conformity, observation and/or security event or risks to your immediate superior.
- Strong written communication in English
- Demonstrable experience writing reports on technical subject matter (e.g. vulnerability exploits, malware infection chains, offensive security tools) in a clear, concise, and logical format
- Disciplined time management
- Self-starting, self-motivated, and thrive in a collaborative environment
- Ability to receive and apply constructive feedback from peers and leadership
- B.S. equivalent in computer science, information systems, or cyber intelligence
- 1 - 2 years of minimum professional experience in cybersecurity, with a focus on threat detection, penetration testing, or vulnerability assessment.
- A solid grasp of fundamental cybersecurity principles, attack trajectories, and techniques for vulnerability analysis.
- Demonstrable experience researching and analyzing new cyber threats.
- Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain.
- Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, Shodan, etc.
- Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content.
- Demonstrably strong writing ability, to be assessed via a writing sample
- A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.
- Capable of functioning effectively within a team as well as independently.
- Experience creating Nuclei templates.
- Practical experience with network and web application penetration testing tools, such as Burp Suite, Nmap, Fiddler, ZAP, Metasploit, and Wireshark.
- Familiarity with scripting and programming languages such as YAML, Python, Golang, JavaScript, C, etc.
- Prior experience within a quick reaction or incident response team environment.
- Familiarity with malware detections, including YARA, Sigma, and Snort.
-
Vulnerability Analyst
18 hours ago
, Metro Manila, Philippines Buscojobs Full timeVulnerability Analyst Location: MOA, Pasay Work Setup: Hybrid (1–2x a month RTO) Schedule: Mid Shift (Login between 4–5 PM) Job Description Vulnerability Analysts aid in the identification, assessment, and communication of new and emergent threats in the cybersecurity landscape, specifically vulnerability intelligence and detections. You will be expected...
-
Threat and Vulnerability Management Analyst
4 weeks ago
Manila, National Capital Region, Philippines Apex Fintech Solutions LLC Full timeApex enables modern investing and wealth management tools through an ecosystem offrictionless platforms, APIs, and services.Threat and Vulnerability Management AnalystApex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to...
-
Threat and Vulnerability Management Analyst
2 weeks ago
Manila, Philippines Apex Fintech Solutions LLC Full timeApex enables modern investing and wealth management tools through an ecosystem offrictionless platforms, APIs, and services. Threat and Vulnerability Management Analyst Apex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to...
-
Threat and Vulnerability Management Analyst
21 hours ago
Manila, Philippines Peak6 Investments LLC Full timeWHO WE ARE Apex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and Webull, and more than 20 million...
-
Jr. Cyber Threat Analyst
20 hours ago
Southern Manila District, Philippines HRTX Full timeYou will be reporting on technical subject matter such as malware developments, offensive security tools, vulnerability exploits, cloud security, and mobile security. Cyber Threat Analysts are expected to familiarize themselves with these topics continuously, identifying threat leads from a variety of sources. Cyber Threat Analysts are also expected to...
-
Vulnerability Analyst
2 weeks ago
Bonifacio Global, Metro Manila, Philippines Philtech Full time ₱900,000 - ₱1,200,000 per yearKey Responsibilities:Develop and publish policy and procedural guidance on patch management and vulnerability remediationEnsure all Infrastructure (OS, Database, Middleware, Network) & Application Owners are made aware of this patch management policy and procedures.Review vulnerabilities. Identify the appropriate classification and prioritization of the...
-
Threat and Vulnerability Management Analyst
4 days ago
Manila, National Capital Region, Philippines Apex Fintech Solutions Full time ₱900,000 - ₱1,200,000 per yearWho We AreApex Fintech Solutions (AFS) powers innovation and the future of digital wealth management by processing millions of transactions daily, to simplify, automate, and facilitate access to financial markets for all. Our robust suite of fintech solutions enables us to support clients such as Stash, Betterment, SoFi, and Webull, and more than 20 million...
-
Threat and Vulnerability Management Analyst
2 weeks ago
, Metro Manila, Philippines Apex Fintech Solutions Full timeThreat and Vulnerability Management Analyst Join to apply for the Threat and Vulnerability Management Analyst role at Apex Fintech Solutions Threat and Vulnerability Management Analyst 1 day ago Be among the first 25 applicants Join to apply for the Threat and Vulnerability Management Analyst role at Apex Fintech Solutions Who We AreApex Fintech...
-
Threat Intelligence Analyst
22 hours ago
Southern Manila District, Philippines HRTX Full timeOverview As a Threat Intelligence Analyst, you will research and analyze emerging cyber threats, produce concise analyst notes, and communicate findings to both technical and non-technical audiences. You will use open-source intelligence (OSINT) and internal tools such as the Recorded Future Intelligence Cloud to inform clients and internal stakeholders of...
-
Vulnerability Management Senior Manager
4 days ago
Manila, National Capital Region, Philippines GCash Full time ₱2,000,000 - ₱2,500,000 per yearDo you want to take the first step in making Filipinos' lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation G ka ba? Join the G Nation todayWho You'll Be Working WithIf you have a strong background in IT, computer science, or...