Cyber Security Analyst (Hybrid)

We at the Lennor Group are urgently looking for a Cyber Security Analyst

About Lennor Group

As a proud Filipino company, we are committed to providing world-class business and workforce solutions. Our deep market expertise, combined with a global perspective, empowers us to serve businesses of all sizes and industries efficiently.

Our brand, Lennor Metier, is a leading recruitment agency and headhunting firm in the Philippines, partnering with reputable companies to source top talent for direct-hire opportunities. It specializes in IT, Finance, Engineering, Sales & Marketing, Supply Chain, HR, and Executive Search.

Salary Range: ₱70,000 - ₱85,000

Work Setup: Hybrid

Shift Schedule: Day Shift

Job Commitment: Contractual / Project Based

Location: Makati City

Job Overview

The Cyber Security Analyst is responsible for safeguarding the organization’s digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behavior, and responding to incidents. This role requires a strong understanding of security best practices, hands-on experience with various security tools, and the ability to respond quickly and effectively to emerging threats. A key focus of this role is on the effective management and optimization of the Security Information and Event Management (SIEM) system, ensuring it provides actionable intelligence for rapid threat response. This role will require strong analytical skills, good collaboration skills, detailed working knowledge of current and emerging security technologies, and the ability to correlate events to identify abnormal behavior.

Your Responsibilities

• Responsible to ensure accurate and rapid response to security events.
• Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
• Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
• Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
• Provide analysis and trending of security log data from various security devices
• Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
• Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
• Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
• Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
• Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
• Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
• Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
• Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
• Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
• Assist in training staff on security best practices, including phishing awareness and data protection.
• Help develop educational materials and conduct periodic security awareness training
• Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management
• Perform risk assessments and recommend security measures to mitigate potential risks.
• Document risks, vulnerabilities, and remediation strategies in a detailed risk management report.
• Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors.
• Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS).
• Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools.
• Generate reports on security metrics, incidents, and remediation efforts for management.
• Maintain accurate documentation of incidents, security changes, and system configurations.
• Any other ad-hoc duties as required or assigned.
  
  

What Our Client Is Looking For

• Bachelor’s Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field (or equivalent experience)
• At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.
• With strong knowledge of cybersecurity principles, practices, and technologies.
• With expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization.
• Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners.
• With knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus.
• Has the ability to analyze and interpret security data to identify vulnerabilities and potential threats.
• With excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
• With strong analytical skills and attention to detail.
• Has the ability to work on-call or off-hours as needed to respond to security incidents.
• May require occasional travel for training or workshop.
• With experience in the application of threat modelling or other risk identification techniques.
• With detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
• With knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques
• Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus
• Must have effective leadership skills and a team player.
• With a strong sense of ownership and drive
  
  

Ready to take the next step in your career? Submit your application now!

• We kindly request your patience as we receive a significant number of applications. Rest assured that our team will update your application's status soon. In the meantime, we encourage you to follow our LinkedIn page to stay informed about future opportunities and company updates.

We at the Lennor Group are urgently looking for a Cyber Security Analyst

About Lennor Group

As a proud Filipino company, we are committed to providing world-class business and workforce solutions. Our deep market expertise, combined with a global perspective, empowers us to serve businesses of all sizes and industries efficiently.

Our brand, Lennor Metier, is a leading recruitment agency and headhunting firm in the Philippines, partnering with reputable companies to source top talent for direct-hire opportunities. It specializes in IT, Finance, Engineering, Sales & Marketing, Supply Chain, HR, and Executive Search.

Salary Range: ₱70,000 - ₱85,000

Work Setup: Hybrid

Shift Schedule: Day Shift

Job Commitment: Contractual / Project Based

Location: Makati City

Job Overview

The Cyber Security Analyst is responsible for safeguarding the organization’s digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behavior, and responding to incidents. This role requires a strong understanding of security best practices, hands-on experience with various security tools, and the ability to respond quickly and effectively to emerging threats. A key focus of this role is on the effective management and optimization of the Security Information and Event Management (SIEM) system, ensuring it provides actionable intelligence for rapid threat response. This role will require strong analytical skills, good collaboration skills, detailed working knowledge of current and emerging security technologies, and the ability to correlate events to identify abnormal behavior.

Your Responsibilities

• Responsible to ensure accurate and rapid response to security events.
• Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
• Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
• Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
• Provide analysis and trending of security log data from various security devices
• Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
• Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
• Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
• Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
• Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
• Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
• Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
• Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
• Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
• Assist in training staff on security best practices, including phishing awareness and data protection.
• Help develop educational materials and conduct periodic security awareness training
• Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management
• Perform risk assessments and recommend security measures to mitigate potential risks.
• Document risks, vulnerabilities, and remediation strategies in a detailed risk management report.
• Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors.
• Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS).
• Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools.
• Generate reports on security metrics, incidents, and remediation efforts for management.
• Maintain accurate documentation of incidents, security changes, and system configurations.
• Any other ad-hoc duties as required or assigned.
  
  

What Our Client Is Looking For

• Bachelor’s Degree or Advanced Diploma in Computer Science, Information Technology, Cybersecurity from a recognized university or related field (or equivalent experience)
• At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.
• With strong knowledge of cybersecurity principles, practices, and technologies.
• With expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization.
• Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners.
• With knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus.
• Has the ability to analyze and interpret security data to identify vulnerabilities and potential threats.
• With excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
• With strong analytical skills and attention to detail.
• Has the ability to work on-call or off-hours as needed to respond to security incidents.
• May require occasional travel for training or workshop.
• With experience in the application of threat modelling or other risk identification techniques.
• With detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
• With knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques
• Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus
• Must have effective leadership skills and a team player.
• With a strong sense of ownership and drive
  
  

Ready to take the next step in your career? Submit your application now!

• We kindly request your patience as we receive a significant number of applications. Rest assured that our team will update your application's status soon. In the meantime, we encourage you to follow our LinkedIn page to stay informed about future opportunities and company updates.