Threat Hunter Principal

3 weeks ago


Metro Manila, Philippines, Buscojobs, Full time

Threat Hunter Principal jobs in Mandaluyong

Posted today

Job Description

The Incident Response Analyst will provide detection, containment, and analysis of security events to protect the confidentiality, integrity, and availability of information systems in accordance with the firm's business objectives, regulatory requirements, and strategic goals.

Responsibilities

  • Provide Tier 2 incident response services to the global organization on behalf of the Information Security Team
  • Receive, process, and resolve tickets per defined SLAs
  • Analyze information garnered from monitoring systems, operational incidents, and other sources to determine the scope and impact of potential security incidents, and process accordingly
  • Critically assess current practices and provide feedback to management on improvement opportunities
  • Assist with the design and implementation of threat detection and prevention solutions identified as necessary for the protection of Firm assets
  • Effectively utilize common IR toolsets, platforms, and processes, such as SIEM, log management, packet capture, and breach detection systems
  • Assist with forensic examinations and chain-of-custody procedures as directed by the Security Incident Response Engineers
  • Provide input into standards and procedures
  • Report compliance failures to management for immediate remediation
  • Maintain assigned systems to ensure availability, reliability, and integrity, including the oversight of current and projected capacity, performance, and licensing
  • Provide status reports and relevant metrics to the Security Operations Manager
  • Contribute to the Firm's security-related information repositories and other marketing/awareness endeavors
  • Participate in special projects as needed

Skills and Experience

Education

  • Possess a Computer Science Bachelor's Degree or substantial equivalent experience

Special Requirements, Licenses, and Certifications (desirable but not required):

  • GSEC, GCIH, GCFE, GREM
  • CISSP or SSCP

Experience

  • Some professional experience in information security with a focus on incident response and forensics
  • Foundational knowledge of IR concepts and best practices, including forensics and chain-of-custody
  • Experience with common IR tools such as SIEM, log management, IDS, breach detection systems (APT/BDS/EDR), and packet capture.
  • Broad understanding of TCP/IP, DNS, common network services, and other foundational topics
  • Working knowledge of malware detection, analysis, and evasion techniques
  • Able to conduct static and dynamic analysis of malware to extract indicators of compromise, profile malware behavior, and provide recommendations for mitigating and detecting malware; able to analyze suspicious websites, script-based code, and malware code
  • Experience with vulnerability management tools such as Qualys, Nessus, or other vulnerability scanning discovery tools
  • Broad familiarity with the threat landscape and the ability to adapt practices to evolving circumstances
  • Identify, analyze, and report threats within the enterprise by using information collected from a variety of sources (IDS/IPS, SIEM, AV), to protect data and networks. Implement techniques to hunt for known and unknown threats based on available threat intelligence reports and knowledge of the attacker's TTPs
  • Able to gather and analyze facts, draw conclusions, define problems, and suggest solutions
  • Maintain critical thinking and composure under pressure
  • Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English
  • Capable of assisting with the preparation of internal training materials and documentation
  • Able to be productive and maintain focus without direct supervision
  • Passionate in the practice and pursuit of IR excellence
  • Can exhibit a disciplined and rigorous approach to incident handling
  • Willing to accommodate shift-based work for a global organization
  • Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise
  • Experience with digital forensics on hosts or networks and identification of anomalous behavior on network or endpoint devices. Familiar with host- and network-based forensic tools such as EnCase, FTK, Sleuth Kit, X-Ways, etc.

Posted today

Job Description

We are looking for a skilled Incident Response Specialist to lead the investigation and resolution of high-priority and escalated security incidents. In this role, you will work closely with internal teams to improve the bank's cybersecurity defenses and ensure timely response to threats.

What You'll Do

Incident Handling & Investigation

  • Lead investigations of complex or escalated security incidents.
  • Perform deep-dive forensic analysis, including root cause and post-incident reviews.
  • Act as an escalation point for other analysts during critical security events.
  • Analyze incidents to assess impact, risk, and potential data compromise.

Threat Containment & Response

  • Lead threat containment, eradication, and recovery efforts.
  • Identify malware behavior, compromised systems, and data infiltration attempts.
  • Provide guidance to teams on remediation and recovery strategies.
  • Communicate response plans clearly to asset owners and other stakeholders.

Threat Intelligence & Analysis

  • Use threat intelligence to assess scope and impact of attacks.
  • Analyze network traffic, malware, and suspicious behaviors to support investigations.
  • Support Threat Hunting and SOC Tool teams with new detection methods.

Documentation & Playbooks

  • Document incidents thoroughly from detection to resolution.
  • Develop, update, and test incident response procedures and playbooks.
  • Participate in simulations and response drills to ensure readiness.

Collaboration & Support

  • Work with Infrastructure & Operations teams to resolve incidents.
  • Collaborate with the SOC Manager and Incident Response Lead to improve processes.
  • Review system metrics and monitoring data to identify trends and anomalies.

Tool Management & Continuous Improvement

  • Evaluate, recommend, and troubleshoot security tools and technologies.
  • Contribute to improving SOC policies, procedures, and overall maturity.
  • Stay informed about new threats, vulnerabilities, and compliance requirements.

Additional Responsibilities

  • Perform other tasks as assigned by the CTMD Head.

What We're Looking For

  • Education: Bachelor's degree in Computer Science, Cybersecurity, or a related field.
  • Experience: Proven experience in incident response, malware analysis, and threat detection.
  • Technical Skills:
      • Strong understanding of network, system, and application security.
      • Hands-on experience with SOC tools, threat intelligence platforms, and forensic tools.
  • Soft Skills:
      • Clear communication with both technical and non-technical stakeholders.
      • Strong analytical, problem-solving, and decision-making abilities.
      • Ability to perform under pressure and manage escalated incidents.
  • Knowledge: Familiarity with regulatory requirements and cybersecurity frameworks (e.g., ISO, NIST).