Incident Response Engineer With Forensic Expertise

Incident Response Engineer With Forensic Expertise

To provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems per the firm's business objectives, regulatory requirements, and strategic goals.

Must Haves:

• At least 4–5 years of relevant experience with a strong background in Forensics.
• Experience providing Level 2–3 Incident Response (IR) support, handling complex cases.
• Experience handling the end-to-end Incident Response (IR) lifecycle — including preparation, identification, containment, eradication/remediation, recovery, and lessons learned/follow-up
• Experience in endpoint detection and response (EDR) tools—such as CrowdStrike, Microsoft Defender, or SentinelOne
• Experience in analyzing logs from firewalls or proxies—such as Palo Alto, Fortinet, Zscaler, or Squid
• Permanent and Direct hire
• Shifting (APAC: 6am to 3pm, EMEA: 2pm to 11pm, WHEM: 10pm to 7am (next day) Sunday to Thursday, or Monday to Friday. Shift changes every 2 months
• 8 times RTO per month. Must be amenable to render overtime, work on weekends and/or PH holidays if needed
• BGC, Taguig office

This advertiser has chosen not to accept applicants from your region.

Department

IT Service Management and Governance

Job posted on: Sep 22, 2025

Employment type: Officer

Position Accountability Statement:

To help with the incident management process in providing resolution and restoring our company's provided IT operations swiftly. Also, to log and to categorize recurring incidents to improve incident management protocols.

Broad Responsibility Highlights:

• Assist in overseeing the incident management process and team members involved in resolving the incident.
• Responding to a reported service incident, identifying the cause, and initiating the incident management process.
• Prioritizing incidents according to their urgency and influence on the business.
• Producing documents that outline incident protocols such as how to handle cybersecurity threats or how to correct server failures.
• Collaborating with the incident management team to ensure that all protocols are diligently followed.
• Logging all incidents and their resolution to see if there are recurring malfunctions.
• Adjusting the incident management process as required to ensure its effectiveness.
• Keep users, management, and key stakeholders regularly informed about the status of the incidents, resolution timelines, and any service impacts.
• Communicating with upper management if major issues are found in the IT system.
• Ensures that incident resolution complies with agreed SLAs, and taking action if incidents are not resolved in a timely manner.
• Regularly conduct post-incident reviews to analyze the causes of incidents and producing reports on incident trends and performance.

Professional Qualification:

• Bachelor's degree in information technology, engineering, or a related field.
• At least one (1) year experience working in IT service management, or a similar role.
• Strong knowledge of IT service management software including ITIL and COBIT.
• Experience working with IT systems and software such as ServiceNow, ManagedEngine ServiceDeskPlus, and other IT ticketing systems
• Solid knowledge on Pivot Tables or PowerBI
• Ability to collaborate with team members.
• Ability to analyze a high volume of technical data and work in a fast-paced environment.
• Strong problem solving, analytical, and time management skills.

This advertiser has chosen not to accept applicants from your region.

Job Description

Position Accountability Statement and responsibilities are as listed above. Broad responsibility highlights are also listed above. Desired Skills and Competencies include Driving Execution, Seasoned Judgment through data analytics, insighting and decision-making, Driving Stakeholder Success, Innovation and Risk-Taking, Influencing and Negotiating.

Incident Management Analyst (Open for Fresh)

Makati, National Capital Region Worldpay

Posted today

What you will be doing

• Manages computing environment to protect production systems critical to business success
• Act as focal point for incident review and escalation if necessary
• Support a computer operations environment that meets all service level agreements, availability, response time parameters, etc. and availability targets
• Works across a wide array of product lines and engages various levels of management on a day to day basis
• Use ITIL framework, as the Incident Management process is a key input into the established Change and Problem processes
• Develop, coordinate and promote incident management activities across enterprise and takes responsibility for effective functioning of Incident Management processes across all support areas
• Engagement following onset of a production incident
• Provide immediate tactical response and coordination minimizing duration of service interruptions
• Consult with other teams on proper integration and correlation of the incident management process and their respective areas
• Provide regular incident bulletins to teams concerning open or ongoing incidents
• Ensure effective and rapid response to major incidents
• Review and recommend changes to support processes to ensure continuous improvement of the incident management process
• Other related duties as needed

What you bring: Fresh graduate; BS Information Technology or Information Systems; Good communications; Highly trainable; Flexibility; Attention to detail; Willing to travel and work onsite in Makati.

This advertiser has chosen not to accept applicants from your region.

Security Operations Center

Posted today

Job Description

• 1 and ½ - above years of experience in SOC
• Hands-on experience on SIEM, EDR, and ESA-Email Security Appliance
• Foundational knowledge in Network Security, Endpoint security, Mail Security, MITRE ATT&CK framework, Adversary TTPs, and Vulnerabilities

Job Type: Permanent

• Health insurance
• Life insurance
• On-site parking
• Transportation service provided

Application Question(s):

• 1 and ½ - above years of experience in SOC
• Hands-on experience on SIEM, EDR, and ESA - Email Security Appliance
• Solid foundation on security concepts such as Network Security, Endpoint security, Mail Security, MITRE ATT&CK framework, Adversary TTPs, and Vulnerabilities.

This advertiser has chosen not to accept applicants from your region.

Security Operations – CyberArk

Security Operations Technician – CyberArk & SIEM

Key Responsibilities

• Operate, maintain and optimise CyberArk and SIEM platforms
• Investigate and resolve incidents and service requests related to privileged access and security monitoring tools
• Collaborate with the Security team to implement changes based on security requirements
• Perform routine health checks, audits, and compliance activities
• Documentation, SOPs, knowledge base
• Identify opportunities to automate repetitive tasks
• Participate in on-call rotations

Required Skills and Experience

• Hands-on experience with CyberArk: configuration, troubleshooting, maintenance
• Experience with SIEM tools such as LogRhythm, Splunk, QRadar
• IAM and security operations knowledge
• ITIL incident and change management experience
• Automation scripting (PowerShell, Python) a plus
• Strong analytical and troubleshooting skills
• Fluent English

Soft Skills

• Detail-oriented; security best practices
• Proactive and solution-oriented
• Multi-tasking and prioritization
• Team player; good communication
• Eagerness to learn in international environment

This advertiser has chosen not to accept applicants from your region.

Security Operations Center

Qualifications

• 1 and ½ - above years of experience in SOC
• Hands-on tools experience: SIEM, EDR, and Email Security Appliance
• Security concepts foundation: Network, Endpoint, Mail Security; MITRE ATT&CK; Adversary TTPs; Vulnerabilities

Job Type: Permanent

Experience

• SOC: 1 year required
• SIEM: 1 year preferred
• Network security: 1 year required
• Endpoint security: 1 year required
• Mail security: 1 year preferred

This advertiser has chosen not to accept applicants from your region.

Security Operations Center – Mandaluyong

Location: Mandaluyong, National Capital Region

Salary: ₱ - ₱

Qualifications

• Bachelor's degree in IT, Computer Science, or related field
• At least 2 years of SOC or cybersecurity operations experience
• Proficient in SIEM, IDS/IPS, and incident handling workflows
• Certifications such as Security+, CEH preferred

Job Descriptions

• Monitor and analyze security events; initial triage and escalation
• Support incident response and threat intelligence
• Prepare reports and maintain documentation

This advertiser has chosen not to accept applicants from your region.

Security Operations Assistant

Posted 1 day ago

Job Description

The Administrative Assistant will provide essential support to office operations, ensuring smooth day-to-day activities and assisting both internal staff and external clients.

• Regular Duties: Monitor inventory, contracts, transmittals; answer calls; data entry; handle petty cash; process payments; arrange meetings; filing; licenses and permits; onsite work
• Occasional Duties: Secretarial support to training institute; assist trainings
• Qualifications: Bachelor’s in Office Administration or related; 1 year experience; valid driving license; willing to travel and work onsite in Makati

This advertiser has chosen not to accept applicants from your region.

Originating text included region-notice and counts (numbers) have been preserved where relevant for context but not as active content. EEO statements and generic regional notices remain as provided by the source.

#J-18808-Ljbffr

---