IT Analyst (Cyber Security)

Work Setup and Location: On-Site, Arayat st., Mandaluyong, Metro Manila

Work Schedule: Morning or Mid-Shift, Monday-Friday (8-hour shift only)

Experience Level: 3-5 years

No. of employees required: 1

About the Role:

We are seeking a skilled IT Analyst (Cyber Security) to join our security team. This role will focus on protecting the organization's IT infrastructure, applications, and data from cyber threats and ensuring compliance with security best practices. You will be responsible for identifying vulnerabilities, monitoring security events, and responding to incidents while helping to implement a strong security posture across the organization.

Key Responsibilities:

Security Monitoring and Threat Detection

• Continuously monitor networks, systems, and applications for signs of security threats and vulnerabilities.
• Analyze security logs and data to detect abnormal patterns or potential intrusions.
• Utilize security tools (e.g., SIEM, intrusion detection systems) to identify, investigate, and respond to incidents.

Incident Response and Remediation

• Lead or support incident response efforts to mitigate and resolve security breaches or attacks.
• Investigate security incidents, document findings, and implement corrective actions.
• Provide recommendations on improving security controls to prevent future incidents.

Vulnerability Assessment and Risk Management

• Conduct regular vulnerability assessments, penetration testing, and security audits.
• Collaborate with IT and development teams to address vulnerabilities and security risks.
• Assist in risk assessments and help prioritize security measures based on threat landscape and business needs.

Security Policy and Compliance

• Assist in developing, implementing, and enforcing security policies, standards, and procedures.
• Ensure compliance with regulatory requirements and industry best practices (e.g., GDPR, ISO 27001).
• Support internal and external security audits and assessments.

Security Awareness and Training

• Conduct security awareness training for employees to promote safe computing practices.
• Communicate security risks and best practices to stakeholders at all levels.

Collaboration and Reporting

• Work with cross-functional teams to integrate security measures into IT systems and workflows.
• Generate regular reports on security incidents, vulnerabilities, and the effectiveness of implemented security measures.

Requirements

Qualifications and Skills:

• Education: Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Experience:
• 3-5 years of experience in cybersecurity, IT security, or a similar role.
• Hands-on experience with security tools, systems, and technologies (e.g., firewalls, SIEM, endpoint protection).
• Technical Skills:
• In-depth knowledge of security frameworks (e.g., NIST, CIS, ISO 27001).
• Experience with network security, encryption, identity and access management, and threat intelligence.
• Familiarity with cybersecurity tools such as Splunk, Wireshark, Nessus, or Qualys.
• Soft Skills:
• Strong analytical, problem-solving, and critical-thinking abilities.
• Excellent communication skills, with the ability to explain complex security concepts to non-technical audiences.
• Attention to detail and a proactive approach to identifying security risks.
• Certifications (preferred):
• Certified Information Systems Security Professional (CISSP).
• Certified Ethical Hacker (CEH).
• CompTIA Security+ or equivalent cybersecurity certifications.