Threat Intelligence Lead


Trends Group Inc. | Manila, Metro Manila, Philippines
1 day ago
Job description


I. PURPOSE

Participate in and support activities that help improve existing operations and operationalize the new service portfolio to achieve service excellence, operational efficiency, and retention of customers.

II. Duties And Responsibilities

  • Accomplish all assigned tasks by the management in a timely and effective manner as deemed necessary for the betterment of the organization.
  • Ensure effective and efficient processes are followed, and that proper escalation protocols are in place and complied with by the team.
  • Report significant events to immediate superior and ensure smooth and effective shift turnovers.
  • Contribute to the knowledge and information relevant to Operations.
  • Participate in activities promoting a harmonious working environment such as demonstrating trust and respect and practicing open communication.
  • Comply with company policies, guidelines, standards, and procedures.
  • Professionally represent Trends management, enriching client relationships and providing expertise, composure, and competence.
  • Perform all other duties and tasks as assigned by the Threat Intelligence Manager and MSS Manager.

Threat Intelligence

  • Monitor the displayed information on the Threat Intelligence Platform (TIP) related to emerging threats, vulnerabilities, campaigns, etc.
  • Conduct research using the Threat Intelligence Platform (TIP) or any other relevant source of information, such as open-source, proprietary, or commercial information, to gather cyber and IT information about threats, vulnerabilities, and/or any other party that needs to be monitored for awareness.
  • Monitor, utilize the collected data, and report to the client if affected by pre-NVD and zero-day vulnerabilities.
  • Utilize Threat Intelligence Platform’s threat intelligence card and advanced queries for deeper and more contextual investigations.
  • Investigate information on intent to target clients or their industry, such as major activist campaigns and indications of activism, and all relevant intelligence against the clients.
  • Perform industry peer comparison and determine the trending attack methods.
  • Prepare and submit the following reports based on frequency: Operational Intelligence Report (Weekly Digest), Tactical Intelligence Report (Daily Digest), Incident-related Reports (Ad hoc), and other operational reports as directed by the business.
  • Lead the team in establishing cyber protection programs and activities.
  • Perform as lead researcher, giving guidance to the team on where, what, and how to dig information.
  • Review materials prepared and written by the team.
  • Create analyst notes (or validated research documents) and collaborate with other members of the team for verification of reports.
  • Detect, report, and request takedowns of servers launching phishing attacks, fake applications that impersonate legitimate ones from app stores, malicious websites, or fraudulent social media accounts.
  • Report any brand attack and data leakage detection from the solution with corresponding mitigating actions.

Threat Hunting

  • Configure tools and detect patterns / outliers within client environments matching tactics, techniques, or procedures (TTPs) of known threat actors, malware or other unusual or suspicious behaviors.
  • Conduct cyber hunts in support of identifying emerging threats on behalf of multiple clients, often operating as a lead investigator.
  • Provide expert analytic investigative support for large-scale and complex security incidents across multiple clients and support the TOC team through the investigation, recommendations, response, and post-mortem efforts.
  • Monitor multiple client environments and investigate & report on emerging threats.
  • Work with internal teams on orchestration & tool-based enablement and optimization of team processes supporting overall service delivery.
  • Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations to identify IOCs.
  • Contribute to documenting simple and reusable hunt tactics and techniques for the extended and shifting team delivering threat services.
  • Engage with client POCs as necessary to help them truly mature and optimize their security architecture, primarily from a risk management and incident response perspective.

Availability Management

  • Operationalization of management defined metrics and reporting compliance.
  • Ensures that tools being used are appropriate for the agreed service level targets for availability such as tools for role-based access design, availability reporting, and design testing.
  • Escalate availability and capacity-related issues and provide suggestions.

Capacity Management

  • Execute strategies developed by the managers to deliver the service and plans for short, medium, and long-term business requirements.
  • Ensure that resources of managed devices are within the acceptable thresholds.
  • Escalate threshold breaches.

IT Service Continuity Management

  • Perform the role assigned in the Business Continuity Plan (BCP).
  • Lead the team in following and participating in Business Continuity Plan (BCP) activities to ensure continuity of performance of people and processes and that minimum agreed service levels are met in case of a disruptive incident(s).

Risk Management

  • Participate in the execution of risk treatment plans to people and processes needed for Service Operations that may impact clients, Sales Groups, and other relevant stakeholders.

Service Level Management

  • Ensure compliance of Service Level Agreements with clients.
  • Manage the performance of team members in Internal Support.
  • Monitor and report on Operational Service Levels.

Configuration Management

  • Collects and ensures accurate information of configurations of client assets during Service Operations.
  • Maintains information about Configuration Items (CIs) of client assets as part of Service Operations.
  • Maintains a logical model, containing the components of client CIs and their associations.
  • Handover configuration items and other relevant information to Service Transition for Offboarding.

Client Support

  • Ensure that the team members are:
      • Performing triage on received events and incidents.
      • Handling cases assigned.
      • Undertaking immediate effort(s) to restore a failed service of a Managed Service client as quickly as possible.
      • Performing brand monitoring and takedown requests.
      • Handling escalation and follow-ups until resolution.
  • Create Incident and Root-Cause-Analysis (RCA) Reports.
  • Execute set frameworks, guidelines, and procedures that follow best practices and applicable frameworks for Events Management, Incident Management, and Service Requests.

Client Incident Management

  • Create operational playbooks to detect, analyze, eradicate, remediate, and recover from client cybersecurity and quality of service incidents.
  • Lead resolution of P2 and P3 escalations.
  • Lead initial triage and resolution of P1 incidents.
  • Escalate incidents that may turn into a problem or disaster.
  • Create RCA Reports and execute Compromise Assessment / Preventive Action (CA / PA).

Client Access Management

  • Ensure team members perform authorization of users’ right to access client assets, while preventing access to non-authorized users.
  • Essentially executes Terms and Conditions of the client.

Client IT Asset Management

  • Ensure that clients’ managed assets are accounted for, maintained, and upgraded if within scope.
  • Monitors the clients’ managed assets lifecycle and provides reports and recommendations to the Client, Service Delivery Manager(s), and other relevant stakeholders.

Client Problem Management

  • Provide necessary data and ensure CA / PA is implemented.
  • Ensure team’s compliance with contractual problem management deliverables.

Process Management

  • Create, share, use, and manage the documented processes of Service Operations, and ensure that these processes are being followed.

Knowledge Management

  • Responsible for updating the knowledge and information pertaining to existing Clients and clients’ Managed ICT assets.

Continual Service Improvement Management

  • Execute improvement plans of the people and processes of Service Operations.
  • Suggest, follow, and deploy new processes, and ensure that the team follows.
  • Review and guarantee quality of data and content of tickets.

III. Qualifications

  • Minimum Education: Must be a graduate of any IT-related bachelor’s degree such as Computer Studies, Computer Engineering, Information Technology, Electronics Engineering.
  • Minimum Experience / Training: Have at least 3-4 years of working experience in a 24x7x365 Security Operations Center.
  • Trainings and/or certifications on any of the following domains are required: IT Service Management; IT Infrastructure (Network, Servers, Cloud, etc.); Cybersecurity and/or Information Security; Threat Intelligence Certifications i.e. CTIA, GCTI, CCTIA; eCTHPv2 or other related certification; OSINT / Threat Intelligence Trainings.
  • Competency: Familiar / 0-12 months; Novice / 1-2 years; Intermediate / 3-4 years; Advanced / > 5 years.

Knowledge

  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Knowledge of system administration, network, and operating system hardening techniques.
  • Knowledge of MITRE ATT&CK Framework and NIST SP800-61.

Technical Skill

  • ITIL
  • Networking Fundamentals
  • Operating System Fundamentals
  • Application / Web Programming
  • Enterprise Application Architecture
  • Cybersecurity Fundamentals
  • Secure Network Architecture
  • Application Security & Secure Coding Practices
  • Identity & Access Management Principles
  • Cryptography & Encryption Technologies
  • Perimeter Defense Technologies
  • End-Point Protection Technologies
  • Vulnerability Scanning & Ethical Hacking
  • Advanced Persistent Threats & pattern modeling
  • Forensic Investigation
  • Dark web Surfing & Intel Gathering

Communication Skills

  • Speaks clearly and can be easily understood.
  • Expresses & speaks ideas in a logical and organized sequence.
  • Writes clearly, concisely, and effectively.
  • Expresses ideas in a logical and organized sequence in written form.

IV. Working Conditions

  • Reporting to the company’s main office in Makati City.
  • Shifting schedule.
  • Collaborate physically and / or virtually with internal and external stakeholders.
  • May travel for company-sponsored conferences and related marketing events.
  • Attend training and acquire certifications that are applicable to the role.
