- Develop Indicator Enhancement/Enrichment Playbook for the Threat Intelligence Platform (TIP).
- Collect and ingest data from various sources to the TIP.
- Develop systems integration between multiple Threat Intelligence Source APIs and the TIP to ingest indicators of compromise.
- Develop threat intelligence data dashboards, based on various tagging, and indicator types along with their threat severity and confidence levels.
- Develop and maintained API connections with various security stack solutions.
- Understand and maintain API that enables the system integration between Apache Nifi and the indicators database (mirror of the Threat Intelligence Platform Database). This API handles requests to build IOC feeds based on indicator types, indicator attributes or tags, and indicators severity, and handles the enrichment of indicators.
- Develop and maintain threat intelligence system to gather IOC data from multiple external threat
- Collect, review, and analyze internal, open source, and dark web datasets to integrate with TIP and other security monitoring solutions.
- Apply knowledge of current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
- Understand and maintain VPN infrastructure.
- Understand and maintain email servers used to deliver notifications and automated projects.
- Provide accurate and priority-driven analysis on cyber activity/threats and present complex operational/technical topics to senior managers and stakeholders.
- Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the organization, as well as different business segments.
- Ability to develop processes, scripts, and code in a quick manner to support current operations and to improve automation processes.
- Ability to work in a fast-paced environment with minimal supervision.
- Create and evaluate trend/correlation analysis for scenario forecasting at both the tactical and operational levels.
- Develop and refine cyber-threat intelligence collection and analysis processes.
- Generate presentations that illustrate research through visualizations, charts, graphs, infographics, and evidence capture for senior leadership.
- Provide input for developing objectives, key results, and program metrics.
- Exhibit strong critical thinking and problem-solving skills with sound judgment.
- Maintain or develop professional contacts in the various communities to support operations.
- Support the Critical Incident Response Center (CIRC)/SOC with intelligence collection, and/or dissemination as it relates to ongoing investigations.
- Excellent English verbal and written communications skills.
- Firm understanding and implementation of Software Development Life Cycle (SDLC) processes and executions.
- Firm understanding of programming languages: Python, Perl. PHP, Java, .net, and C.
- Good understanding of JQuery/Javascript web client applications.
- Firm understanding of database infrastructure development and management (PosgreSQL, MySQL, etc.) and NOSQL (MongoDB, DocumentDB, Elasticsearch, etc.) databases.
- Firm understanding of STIX/TAXII formats and integration with security stack.
- Firm understanding of Apache Nifi and Kafka.
- 8+ years of cybersecurity, threat intelligence, or network security experience; experience can include one or more of the following cyber-security functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management.
-
Firm understanding of network security concepts, including threat and risk analysis, security event/incident monitoring, asset and risk management, and intrusion detection and prevention sensors.
- Experienced configuring both Windows and Linux networks.
-
Prior experience as a technical cyber threat intelligence (or related) subject matter expert that has worked across organizational boundaries to analyze cyber threats to their organization's infrastructure and services.
-
A strong understanding of the cyber security principles, methodologies and best practices including knowledge of common threats, attack vectors, zero-days and exploitation techniques.
- A strong understanding of the Threat Intelligence terminology, the threat intelligence life cycle (cyber threat intel collection, data processing, analysis and findings reporting).
-
IT security engineer
5 araw ang nakalipas
ING Makati, Pilipinas Buong orasYour role and work environment · The purpose of CoE IT Security is ensuring ING will be amongst the safest banks and will be seen as a leader in (IT) security. We assist WB Tech Globally in being successful in IT Risk and IT Security. Overall, we ensure that IT Risk and IT Securi ...
-
IT Security Engineer
2 linggo ang nakalipas
ING Makati, Pilipinas Buong orasTogether with the people in your squad, you are responsible for implementing IT Security capabilities and delivering security & risk awareness throughout WB Tech. · ...
-
Security Engineer
5 araw ang nakalipas
Globe Group Taguig, Philippines, Pilipinas Buong orasAt Globe, our goal is to create a wonderful world for our people, business, and nation. By uniting people of passion who believe they can make a difference, we are confident that we can achieve this goal. · Job Description · Responsible for security technology that supports the e ...
-
IT Security Engineer
1 linggo ang nakalipas
PGBPGNGLOBAL Taguig City, Pilipinas Buong orasJob Location · Taguig CityJob Description · Responsible for the design, development and maintenance of the solutions. Entails R&D, engineering, integration and support, and requires experience in developing standards, best practices, reference architectures, and enterprise grade ...
-
Senior Information Security Engineer
1 linggo ang nakalipas
Robert Walters Makati, Pilipinas Buong orasKey skills: Information Security, Cloud Security, Engineer, Public Cloud, DevSecOps, Threat Modelling · An exciting Information Secuirty Engineer role has just become available at a leading international bank in the Philippines. · Our client is seeking a highly motivated and exp ...
-
Security Engineer
3 araw ang nakalipas
Manpower Core Group Inc. Manila, Pilipinas Buong orasApply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.QualificationExperience in Security Response and M ...
-
Network Security Engineer
5 araw ang nakalipas
Willis Towers Watson Taguig, Manila, Pilipinas Buong orasThe Role · The purpose of the role is to maximise the operational performance of WTW services and maintain a strong secure posture. The role is accountable for the support of complex issues, controlling policy & compliance and supporting change activities. This role ensures the t ...
-
Information Security Engineer
5 araw ang nakalipas
MICHAEL PAGE INTERNATIONAL RECRUITMENT (PHILIPPINES) INC. Taguig, Philippines, Pilipinas Buong orasCompetitive salaries & benefits · Be part of a growing global team · About Our Client · The client is a multinational bank offering leading financial services to customers. · Job Description · Define local software security policy in alignment with global policy and standards · P ...
-
Cyber Security Engineer
5 araw ang nakalipas
ING Business Shared Services B.V. Taguig, Philippines, Pilipinas Buong orasWe are looking for you if: · You have operational familiarity with at least one system from following families: Windows, Windows Server, Linux, Cisco iOS, Oracle, SQL, · You are interested in IT Security field, · You have analytical thinking skills and you're highly responsibl ...
-
Cyber Security Engineer
5 araw ang nakalipas
Cobden and Carter International Inc Metro Manila / NCR, Pilipinas Buong orasWork set-up: Hybrid - 3x onsite, 2x WFH · BGC Taguig · Qualifications: Professional certifications such as CISSP, CISM, or CISA are highly desirable · Proven experience (> 5 years) in technology security roles, with a focus on DLP, UAM, and PAM. · In-depth knowledge of securi ...
-
Cloud Security Engineer
2 linggo ang nakalipas
Cambridge University Press & Assessment | Manila Manila, Pilipinas Buong orasDiscover a world of endless possibilities with Cambridge University Press & Assessment, a distinguished global academic publisher and assessment organisation proudly affiliated with the prestigious University of Cambridge. · We are looking for a Cloud Security Engineer to join ou ...
-
Security Incident Response Engineer
5 araw ang nakalipas
Baker McKenzie Taguig, Philippines, Pilipinas Buong orasThe Security Incident Response Engineer will provide technical expertise in serving the firm's incident response, processes, and activities. The Incident response engineer will work to identify, analyze, and respond to potential threats to the firm. · Responsibilities: · Provide ...
-
Devops Engineer-Security
5 araw ang nakalipas
Asia Peopleworks Inc Metro Manila / NCR, Pilipinas Buong orasAbout the jobAssess and implement DevSecOps process in the organization. · Define and map digital architecture processes for designing large scale DevSecOps pipelines. · Review cloud deployment architectures and implement required security controls. · Design, implement and coo ...
-
IT & Cyber Security Engineer
5 araw ang nakalipas
Anthesis Philippines Inc Metro Manila / NCR, Pilipinas Buong orasJob Description · Anthesis' core infrastructure is cloud-only and primarily Microsoft-focused (365 & AAD), with some other best-of-breed integrated Cloud platforms. Anthesis is expanding rapidly and IT support for more regions is being brought in-house and support and Security f ...
-
Web and Email Security Engineer
11 oras ang nakalipas
Hawodtechsolutions Taguig, Pilipinas Buong orasJob Description: · Qualifications:3-5yrs (mid level) · Technical Skills: Management of any web proxy tool (either of the following: Forcepoint, Bluecoat, Palo Alto) · Management of any email security tool (either of the following: Cisco, Symantec, Microsoft) · Understanding of c ...
-
engineer, cyber security ii
5 araw ang nakalipas
Qualfon Philippines, Inc. Philippines, Manila, Pilipinas Buong orasJob Summary · The Cyber Security Engineer is an individual contributor role supporting the global program to actively identify and remediate network, system and application vulnerabilities across Qualfon infrastructure. This role is responsible across all the global Qualfon asset ...
-
Senior Security Operations Engineer
1 linggo ang nakalipas
Cambridge University Press & Assessment | Manila Manila, PilipinasDiscover a world of endlesspossibilities with Cambridge University Press & Assessment, a distinguished global academic publisher and assessment organisation proudly affiliated with the prestigious University of Cambridge. · We are looking for a Security Operations Engineer to joi ...
-
engineer, cyber security ii
5 araw ang nakalipas
Qualfon Manila, PilipinasJob Summary · GENERAL DESCRIPTION: · The Cyber Security Engineer is an individual contributor role supporting the global program to actively identify and remediate network, system and application vulnerabilities across Qualfon infrastructure. This role is responsible across all t ...
-
SAP Security and Compliance Engineer
5 araw ang nakalipas
Adventus Philippines, Manila, Pilipinas Buong orasAdventus is an Information and Communications Technology (ICT) Solutions and Services Provider with a wide footprint across the globe. · We help organizations bring about positive transformation to their businesses by leveraging intelligent applications of innovative solutions an ...
-
SAP Security and Compliance Engineer
5 araw ang nakalipas
Adventus Philippines, Manila, Pilipinas Buong orasAdventus is an Information and Communications Technology (ICT) Solutions and Services Provider with a wide footprint across the globe. · We help organizations bring about positive transformation to their businesses by leveraging intelligent applications of innovative solutions an ...
GSO Lead Security Engineer - Makati City Metro Manila, Pilipinas - ADP
Paglalarawan
Lead Security EngineerGlobal Cybersecurity Services (GCS)
Global Security Organization
MISSION
At ADP we are driven by your success. We engage your unique talents and perspectives. We welcome your ideas on how to do things differently and better. In your efforts to achieve, learn and grow, we support you all the way. If success motivates you, you belong at ADP.
Technology at ADP. It's the foundation of the products and services that have made us a world-wide leader in workforce solutions. With us, you can combine technical skills and business acumen, to effectively consult as well as solve technical challenges. You have the opportunity to train on leading-edge technologies that continually redefine what's possible in our industry.
The Threat Intelligence Team within ADP's Global Security Organization (GSO) is responsible for Collection, Correlation, Automation and Reporting of various Cyber Threat and Fraud Data.
In this role, the Lead Security Engineer will be responsible for the design, development, enhancement, and maintenance of the Threat Intelligence Program's Platform Operations, Automation, and Integrations.
The Lead Security Engineer will demonstrate the ability to perform in a fast-paced team, technical expertise, and leadership in threat intelligence, application development, brand protection, and data analysis.
You will work alongside infrastructure security engineers, threat intelligence analysts, threat hunters, and the security operations team to help improve our current automation processes and future integrations.
You will work with various intelligence collection, reporting tools, and frameworks to automate the processes, develop playbooks, and/or integrate processes with other platforms.
You will review documentations, develop plans, catalog and document processes, communicate with stakeholders and application support teams, follow up on requests, and improve processes.
To thrive in this position, you'll need to be an expert in application development, API integration, automation processes, understand the Threat Intelligence Lifecycle, and know how threat intelligence products and services work.
You'll also need experience working with structured and unstructured data and are great at maintaining situation awareness.You know how to work with the Security Operations team to create the most value and identify gaps in available intelligence information and engage with leadership on strategies to meet intelligence requirements through Intelligence collection processes.
ROLES AND RESPONSIBILITIES
Firm understanding and implementation of Software Development Life Cycle (SDLC) processes and executions.
Firm understanding of programming languages:
Python, Perl. PHP, Java, .net, and C.Good understanding of JQuery/Javascript web client applications.
Firm understanding of database infrastructure development and management (PosgreSQL, MySQL, etc.) and NOSQL (MongoDB, DocumentDB, Elasticsearch, etc.) databases.
Firm understanding of STIX/TAXII formats and integration with security stack.
Firm understanding of Apache Nifi and Kafka.8+ years of cybersecurity, threat intelligence, or network security experience; experience can include one or more of the following cyber-security functions: Cyber Threat Intelligence, Threat Hunting, System Administration, Intrusion Detection/Prevention, Monitoring, Incident Response, Digital Forensics, Vulnerability Management.
Firm understanding of network security concepts, including threat and risk analysis, security event/incident monitoring, asset and risk management, and intrusion detection and prevention sensors.
Experienced configuring both Windows and Linux networks.Prior experience as a technical cyber threat intelligence (or related) subject matter expert that has worked across organizational boundaries to analyze cyber threats to their organization's infrastructure and services.
A strong understanding of the cyber security principles, methodologies and best practices including knowledge of common threats, attack vectors, zero-days and exploitation techniques.
A strong understanding of the Threat Intelligence terminology, the threat intelligence life cycle (cyber threat intel collection, data processing, analysis and findings reporting).Familiar with Threat Intelligence tools, platforms, and technologies e.
g:
Threat Intelligence Platforms, SIEM, WAF, Etc.
Experience writing code in any programming language (Python Prog Language knowledge desirable) for tasks automation and data manipulation.
Knowledge about network protocols, log analysis and simple data structures (JSON, YAML, CSV, XML, Parquet, etc.) and data transformation across theses popular data structures using programming languages.
Proficiency developing and orchestrating automations threat intelligence life cycle writing code that can handle collection, data analysis and interpretation from various sources to identify potential threats and assess relevance to the organization.
EDUCATION:
A Bachelor of Science in Computer Science degree is a plus, but not required. What's more important is having the skills and experience to do the job.
Holds certifications such as CLA, PCAP, CMDBA, Azure or AWS Developer Associate, OCAJP or similar training and certification.
OTHER COMPETENCIESKnowledge of advanced cyber threats, threat vectors, and attacker methodology to include tools, tactics, and procedures and how they tie into the Cyber Kill Chain or ATT&CK framework.
Experience in threat detection and analysis solutions.Knowledge of cloud services, infrastructure, and operations.
Experience with premium threat intelligence tooling and/or open-source intelligence techniques.
Experience with TIP automation development, collection, maintenance, and integrations.
Experience with disseminating information in accordance with TLP classification and handling protocols to the sector through the appropriate mechanisms.
Organizational and self-directing skills ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completionExperience with developing tools to enhance cyber-threat intelligence capabilities.
Security operations experience in the financial industry.SnowflakeMongoDBRedis (Data Caching System)Any AMQS (Advanced Message Queuing System) e.
g:
Apache Kafka, RabbitMQ, etc.
About
ADP:
We power organizations with insightful solutions that drive business success.
Consistently named one of the "Most Admired Companies" by FORTUNE Magazine, and recognized by Forbes as one of "The World's Most Innovative Companies," ADP has over a half-million clients around the globe and 70+ years of experience as a world-wide leader of business outsourcing solutions.
ADP is an Equal Opportunity Employer. ADP believes that diversity leads to strength.BASIC REQUIREMENTS/TECHNICAL SKILLS REQUIRED
Diversity, Equity, Inclusion & Equal Employment Opportunity at
ADP:
ADP is committed to an inclusive, diverse and equitable workplace, and is further committed to providing equal employment opportunities regardless of any protected characteristic includin
g:
race, color, genetic information, creed, national origin, religion, sex, affectional or sexual orientation, gender identity or expression, lawful alien status, ancestry, age, marital status, protected veteran status or disability.
Hiring decisions are based upon ADP's operating needs, and applicant merit including, but not limited to, qualifications, experience, ability, availability, cooperation, and job performance.
Ethics at
ADP:
ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click to learn more about ADP's culture and our full set of values.