Talent.com
Junior Vulnerability Analyst
Junior Vulnerability AnalystInfinit-O • Pasay, 00, ph
Junior Vulnerability Analyst

Junior Vulnerability Analyst

Infinit-O • Pasay, 00, ph
9 days ago
Job type
  • Quick Apply
Job description

Job Description

Infinit-O is the trusted, customer-centric, and sustainable leader in Business Process Optimization. We empower finance and healthcare organizations to thrive in a digital-first world by combining specialized industry expertise and innovative technology for 20 years.

We navigate complex industry landscapes to drive transformative outcomes, helping businesses streamline operations, enhance customer experience, and achieve sustainable growth backed by a world-class Net Promoter Score of 75. Our approach combines operational efficiency with a human-centered ethos, ensuring sustainable value creation for our clients and team members.

As a Certified B Corporation, Infinit-O is committed to the highest standards of social and environmental performance, accountability, and transparency. We embed these values into every aspect of our operations—aligning business success with a positive impact on our clients, people, and communities.

Our commitment to Diversity, Equity, and Inclusion (DEI) is integral to our mission. We believe that building inclusive, equitable teams is not only the right thing to do—it is also essential for driving innovation and better business outcomes. We actively promote equal opportunity through inclusive hiring practices, continuous learning programs, and regular equity assessments to ensure a fair and empowering workplace for all.

Role Background

Junior Vulnerability Analysts, under the close mentorship of their senior peers and leadership teams, aid in identifying, assessing, and communicating new and emerging threats in the cybersecurity landscape, specifically as they pertain to vulnerability intelligence. As a Junior Vulnerability Analyst, you will be expected to familiarize yourself with high-impact and critical vulnerabilities, proofs-of-concept, and reports of in-the-wild exploitation, producing and reviewing intelligence summaries accessible to the client's customers.

Specific Duties and Responsibilities

  • Vulnerability Lead Identification and Analysis : You will be tasked with the prompt identification, analysis, and comprehensive assessment of emerging cybersecurity threats, specifically recently disclosed or exploited vulnerabilities.

○ Subject Matter : Your ability to stay informed on breaking cybersecurity news, advisories, and exploitation activity will be crucial in ensuring we provide prompt coverage and thorough analysis of high-impact

vulnerabilities.

○ Key Detail Identification : During research, identify and take note of the root cause of a vulnerability, exploitation chains, post-exploitation activity (including any host and network IoCs, and malware samples), threat actors, exposed vulnerable instances, publicly available proofs-of-concept, and MITRE ATT&CK tactics and techniques

  • Author Insikt Notes : Write TTP Instances detailing identified vulnerability leads. TTP Instances include a combination of information from open-source reporting and your own analysis (i.e. code review). Each TTP Instance should comprehensively address the nature of the threat, its potential impact, suggested mitigation strategies, and a succinct summary for quick referencing. ○ Cadence : Write up to 2 TTP Instance notes daily

    • ○ Quality : Authored TTP Instances should include minimal grammatical or syntax errors. Plagiarism is not acceptable.

  • Detection Engineering : Design and develop Nuclei templates for vulnerability scanning, ensuring these templates are tailored to detect new and emerging vulnerabilities efficiently.

    • ○ Cadence : Create at least 1 Nuclei template per month with assistance from our Senior Vulnerability Analyst

    ○ Delivery : Nuclei templates will be delivered alongside a TTP Instance. ○ Junior Analysts : For Junior Analysts, detection engineering training will be provided as you mature within your role on the team. Experience deploying or writing Nuclei templates is not required for this role.

  • Information Security : Adhere to and implement Infinit-O's quality and information security policies and carry out its processes and procedures accordingly. ○ Protect client-supplied and generated-for-client information from unauthorized access, disclosure, modification, destruction, or interference (see also Table of Offenses)

    • ○ Carry out tasks as assigned and aligned with particular processes or activities related to information security.

    ○ Report any potential or committed non-conformity, observation and / or security event or risks to your immediate superior.

    Requirements

    Required Skills

  • Strong written communication in English
  • Demonstrable experience writing reports on technical subject matter (e.g. vulnerability exploits, malware infection chains, offensive security tools) in a clear, concise, and logical format
  • Disciplined time management
  • Self-starting, self-motivated, and thrive in a collaborative environment
  • Accountability combined with the ability to receive and apply constructive feedback from peers and leadership

    • Minimum Qualifications

  • B.S. equivalent in computer science, information systems, or cyber intelligence
  • At least 6 months of minimum professional experience in cybersecurity, threat intelligence, or information technology
  • Genuine interest in reading about cybersecurity topics and technical subject matter, such as vulnerability analysis, exploitation, and proofs-of-concept
  • Demonstrable experience researching and analyzing new cyber threats
  • Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content. Your capability will be assessed via a writing sample.
  • A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.
  • Capable of functioning effectively within a team as well as independently. Preferred Qualifications, But Not Required
  • Practical experience using common threat intelligence analysis models such as MITRE ATT&CK, D3FEND, the Diamond Model, and the Cyber Kill Chain.
  • Familiarity with and use of common cyber threat intelligence tools such as DomainTools, VirusTotal, Shodan, etc.
  • Practical experience with network and web application penetration testing tools, such as Burp Suite, Nmap, ZAP, Metasploit, and Wireshark.
  • Familiarity with scripting and programming languages such as YAML, Python, Golang, JavaScript, etc.
  • Prior experience within vulnerability management or vulnerability remediation.
  • Experience creating Nuclei templates.

    • Requirements

    Required Skills

  • Strong written communication in English
  • Demonstrable experience writing reports on technical subject matter (e.g. vulnerability exploits, malware infection chains, offensive security tools) in a clear, concise, and logical format
  • Disciplined time management
  • Self-starting, self-motivated, and thrive in a collaborative environment
  • Accountability combined with the ability to receive and apply constructive feedback from peers and leadership Minimum Qualifications
  • B.S. equivalent in computer science, information systems, or cyber intelligence
  • At least 6 months of minimum professional experience in cybersecurity, threat intelligence, or information technology
  • Genuine interest in reading about cybersecurity topics and technical subject matter, such as vulnerability analysis, exploitation, and proofs-of-concept
  • Demonstrable experience researching and analyzing new cyber threats
  • Demonstrable experience in technical writing, showcasing an ability to translate complex technical concepts into engaging, reader-friendly content. Your capability will be assessed via a writing sample.
  • A meticulous attention to detail, underscoring a commitment to accuracy and thoroughness in all aspects of work.
  • Capable of functioning effectively within a team as well as independently.
    • Create a job alert for this search

    Analyst • Pasay, 00, ph

    Related jobs
    Dynamics 365 F&O Analyst Programmer (Relocate to Malta / Big 4)

    Dynamics 365 F&O Analyst Programmer (Relocate to Malta / Big 4)

    Black Pen Recruitment • Manila, Philippines
    Our client’s Microsoft Business Solutions team is a Microsoft Gold Partner and leader in Microsoft software implementations for medium to large organisations, providing their clients with the abili...Show more
    Last updated: 30+ days ago • Promoted
    Junior QA Analyst

    Junior QA Analyst

    Vertere Global Solutions Inc • Taguig, National Capital Region, PH
    We are hiring IT FRESH GRADUATES! QA Automation Requirements : Graduate of a 4-year BS IT or IT related courses or BS Math, BS Finance, BS Accounting Willing to work onsite in BGC, Taguig City Wi...Show more
    Last updated: 30+ days ago • Promoted
    GPS Analyst (Bulacan Based)

    GPS Analyst (Bulacan Based)

    Presam Construction & General Services Inc. • Guiguinto Bulacan, Bulacan, Philippines
    Presam Group of Companies is a 100% family owned corporation with subsidiaries in the fields of Petro-chemical industry, construction, supply and distribution, property and resort development, haul...Show more
    Last updated: 8 days ago • Promoted
    Dynamics 365 CE Senior Analyst Programmer (Relocate toMalta / Big 4)

    Dynamics 365 CE Senior Analyst Programmer (Relocate toMalta / Big 4)

    Black Pen Recruitment • Manila, Philippines
    Our client’s Microsoft Business Solutions team is a Microsoft Gold Partner and leader in Microsoft software implementations for medium to large organisations, providing their clients with the abili...Show more
    Last updated: 30+ days ago • Promoted
    Cybersecurity Analyst (Onsite)

    Cybersecurity Analyst (Onsite)

    Blaseek • Quezon City, National Capital Region, PH
    About the Role We’re looking for a Cybersecurity Analyst to help protect the organization’s digital assets and ensure the security of critical systems and data. This role focuses on identifying vul...Show more
    Last updated: 30+ days ago • Promoted
    Due Diligence Analyst (Preferably Junior Associates)

    Due Diligence Analyst (Preferably Junior Associates)

    Payreto • Makati City, National Capital Region (NCR), PH
    Quick Apply
    WHAT WE OFFER Competitive Salary Packages Professional Development Opportunities Hybrid Work Setup Equipment Provided Day 1 HMO Life Insurance Position Overview The Due Diligence Analyst will suppo...Show more
    Last updated: 30+ days ago
    Threat Landscape Analyst (Hybrid)

    Threat Landscape Analyst (Hybrid)

    Accpro International • Pasay, National Capital Region, PH
    QUALIFICATIONS : • 1 year of experience in technical writing, cybersecurity, or cyber threat intelligence roles.Foundational understanding of cyber threats, defense techniques, OSINT, MITRE ATT&CK, ...Show more
    Last updated: 9 days ago • Promoted
    Junior Systems Analyst (Client-site)

    Junior Systems Analyst (Client-site)

    Umpisa Inc. • Taguig, Metro Manila, PH
    Quick Apply
    Philippines be known globally as a tech hub.We create a set of world-class and impactful products and solutions to help organizations and individuals live better lives. We offer demanding, challengi...Show more
    Last updated: 16 days ago
    Vulnerability Assessment Analyst - Pasay City

    Vulnerability Assessment Analyst - Pasay City

    JK Network Services • Pasay, National Capital Region, PH
    COMPANY PROFILE : A well-established BPO company that is well-committed in providing business outsourcing needs to its clients Position : Vulnerability Assessment Analyst Company Industry : BPO Compan...Show more
    Last updated: 30+ days ago • Promoted
    Dynamics 365 CE Senior Analyst Programmer (Relocate to Malta / Big 4)

    Dynamics 365 CE Senior Analyst Programmer (Relocate to Malta / Big 4)

    Black Pen Recruitment • Manila, Philippines
    Our client’s Microsoft Business Solutions team is a Microsoft Gold Partner and leader in Microsoft software implementations for medium to large organisations, providing their clients with the abili...Show more
    Last updated: 30+ days ago • Promoted
    Dynamics 365 CE Analyst Programmer (Relocate to Malta / Big 4)

    Dynamics 365 CE Analyst Programmer (Relocate to Malta / Big 4)

    Black Pen Recruitment • Manila, Philippines
    Our client’s Microsoft Business Solutions team is a Microsoft Gold Partner and leader in Microsoft software implementations for medium to large organisations, providing their clients with the abili...Show more
    Last updated: 30+ days ago • Promoted
    Cybersecurity Analyst (Junior - Mid Level)

    Cybersecurity Analyst (Junior - Mid Level)

    Nityo Infotech • Quezon City, National Capital Region, Philippines
    We are seeking a skilled Cybersecurity Analyst to join our team.This role is responsible for safeguarding the organization’s digital assets by identifying vulnerabilities, monitoring for threats, a...Show more
    Last updated: 8 days ago • Promoted
    Junior Quality Assurance Analyst (Client-site)

    Junior Quality Assurance Analyst (Client-site)

    Umpisa Inc. • Taguig, Metro Manila, PH
    Quick Apply
    Philippines be known globally as a tech hub.We create a set of world-class and impactful products and solutions to help organizations and individuals live better lives. We offer demanding, challengi...Show more
    Last updated: 16 days ago
    Vulnerability Analyst

    Vulnerability Analyst

    ACCPRO INTERNATIONAL • Pasay, National Capital Region, Philippines
    NOW HIRING : Vulnerability Analyst .Work Setup : Hybrid (1–2x a month return to office) .Schedule : Mid Shift (4 PM or 5 PM login) . As a Vulnerability Analyst, you’ll play a critical role in identifyi...Show more
    Last updated: 8 days ago • Promoted
    Dynamics 365 CE Analyst Programmer (Relocate to Malta / Big4)

    Dynamics 365 CE Analyst Programmer (Relocate to Malta / Big4)

    Black Pen Recruitment • Manila, Philippines
    Our client’s Microsoft Business Solutions team is a Microsoft Gold Partner and leader in Microsoft software implementations for medium to large organisations, providing their clients with the abili...Show more
    Last updated: 30+ days ago • Promoted
    Threat Landscape Analyst (Hybrid)

    Threat Landscape Analyst (Hybrid)

    ACCPRO INTERNATIONAL • Pasay, National Capital Region, PH
    QUALIFICATIONS : • 1 year of experience in technical writing, cybersecurity, or cyber threat intelligence roles.Basic knowledge of cyber threats, defense strategies, OSINT, MITRE ATT&CK, CVEs, and m...Show more
    Last updated: 9 days ago • Promoted