ARCHIVED
This job listing has been archived and is no longer accepting applications.
MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Threat Intelligence Manager

Confidential

Makati, Metro Manila permanent

Posted: January 30, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

Manage teams and ensure accordance with support and operations' policies, protocols, and procedures.

Required Skills

Threat Intelligence Data Analysis Cybersecurity Incident Response Vendor Management Team Leadership Performance Management Training and Development Compliance Reporting

Job Description

I. PURPOSE

 

Execute activities that will improve existing operations and operationalize new service portfolio to achieve service excellence, operational efficiency, business profitability, and retention of customers.

 

II. DUTIES AND RESPONSIBILITIES

 

Accomplish all assigned tasks by the management in a timely and effective manner as deemed necessary for the betterment of the organization.  

Manage teams and ensure accordance with the support and operations’ policies, protocols, and procedures. 

Oversee the 24x7x365 management of teams and overall performance and reliability of the shift. 

Ensure effective and efficient processes are followed, and that proper escalation protocols are in place and complied with by the teams. 

Prepare shift hand over report. Hand over open and ongoing events, incidents, and escalations to the next shift.  

Collaborate and contribute with other managers in improving workflows, documentations, standards, and processes.  

Accountable for the growth of team members and ensuring succession plan is in place. 

Evaluate the skill sets of each group member and give recommendations to the MSS Manager for growth. 

Responsible/Accountable in providing input to training and certifications plan for his direct reports and ensure that the entire group is covered according to business operations need. 

Conduct performance review of team members. 

Contribute to the knowledge and information relevant to Operations. 

Participate in activities promoting a harmonious working environment such as demonstrating trust and respect and practicing open communication.   

Comply with company policies, guidelines, standards, and procedures.   

Professionally represent Trends management; enriching client relationships and providing expertise, composure, and competence. 

Perform all other duties and tasks as assigned by the MSS Manager. 

 

Threat Intelligence

Monitor the displayed information on the Threat Intelligence Platform (TIP) related to emerging threats, vulnerabilities, campaigns, etc.

Conduct research using the Threat Intelligence Platform (TIP) or any other relevant source of information such as open-source, proprietary or commercial information to gather cyber and IT information about threats, vulnerabilities, and/or any other party that needs to be monitored for awareness.   

Monitor, utilize the collected data, and report to the client if affected by pre-NVD and zero-day vulnerabilities.   

Utilize Threat Intelligence Platform’s threat intelligence card and advanced queries for deeper and more contextual investigation.

Investigate information on the intention to target clients, their industry like major activist campaigns, and indications of activism and all relevant intelligence against the clients. 

Perform industry peer comparison and determine the trending attack methods.   

Prepare and submit the following reports based on frequency:   

Operational Intelligence Report (Weekly Digest)   

Tactical Intelligence Report (Daily Digest)   

Incident-related Reports (Adhoc)   

Other operational report as directed by the business 

Lead the team in establishing cyber protection programs and activities.

Perform as lead researcher, giving guidance to team on where, what, and how to dig information.

Review materials prepared and written by the team.

Create analyst notes (or validated research documents) and collaborate with other members of the team for verification of reports.  

Detect, report, and request for takedowns of servers launching phishing attacks, fake applications that impersonate legitimate ones from app stores, malicious websites, or fraudulent social media accounts.   

Report any brand attack and data leakage detection from the solution with corresponding mitigating actions.

 

 Threat Hunting

Configure tools and detect patterns/outliers within client environments matching tactics, techniques, or procedures (TTPs) of known threat actors, malware or other unusual or suspicious behaviors. 

Conduct cyber hunts in support of identifying emerging threats on behalf of multiple clients, often operating as a lead investigator. 

Provide expert analytic investigative support for large-scale and complex security incidents across multiple clients and support the TOC team through the investigation, recommendations, response, and post-mortem efforts. 

Monitor multiple client environments and investigate & report on emerging threats. 

Work with internal teams on orchestration & tool-based enablement and optimization of team processes supporting overall service delivery. 

Conduct dynamic and static malware analysis on samples obtained during incident handling or hunt operations to identify IOCs. 

Contribute to documenting simple and reusable hunt tactics and techniques for the extended and shifting team delivering threat services. 

Engage with client POCs as necessary to help them truly mature and optimize their security architecture, primarily from a risk management and incident response perspective.

 

Availability Management 

Manage monthly shift schedules, create appropriate shift design, manage conflicts within the shift, design operational process guidelines, and ensure cascade and understanding of the shift being managed as compliance to agreed levels of availability of people and processes needed for Operations delivery. 

Operationalization of management defined metrics and reporting compliance.

Ensures that tools being used are appropriate for the agreed service level targets for availability such as tools for role-based access design, availability reporting, and design testing.

 

Capacity Management 

Determine and report the capacity and performance of people, processes, and organizational controls, and ensure resolution of issues through tactical adjustment of operational processes, people, and platform.

Work with other managers to gather data and develop strategies as input to the business plan and execute these strategies to deliver the service and plans for short, medium, and long-term business requirements.  

 

IT Service Continuity Management 

Perform the role assigned in the Business Continuity Plan (BCP). 

Create and perform adjustments in the operational processes in compliance with the Business Continuity Plan (BCP) objectives to ensure service delivery objectives are met in case of a disaster. 

Provide input to the Operations’ Business Impact analysis to reduce risks to an acceptable level and plan for the team’s recovery. 

 

Risk Management 

Execute risk treatment plans for people and processes needed for Operations. 

 

Service Level Management 

Ensure compliance of Service Level Agreements with clients.   

Manage the performance of team members in Internal Support     

Monitor and report on Operational Service Levels.   

 

Change Advisory Board   

Approve Method of Procedures to be presented during Managed ICT Services Change Advisory Board meetings.  

Participate in client Change Advisory Board meetings.   

Advise client during Operational discussions on the possible impact, risks, and effects of proposed client changes. 

Create advisories on the possible impact, risks, and effects of proposed client changes. 

Provides Method of Procedure/s and other documentation to clients whenever necessary. 

 

Configuration Management 

Responsible for accepting Configuration Items (CI) and other relevant information of Transitions.  

Sign off CI of client assets and its components as part of Operations, and handover CI and other relevant information to Transitions for Offboarding.  

 

Client Support 
   

Ensure that the team members are:

Performing triage on received events and incidents.

Handling cases assigned. 

Undertaking immediate effort/s to restore a failed service of a Managed Service client as quickly as possible. 

Performing brand monitoring and takedown requests. 

Handling escalation and follow-ups until resolution.  

Review Incident and Root-Cause-Analysis (RCA) Reports.  

 

Client Incident Management
   

Review operational playbooks to detect, analyze, eradicate, remediate, and recover from client cybersecurity incidents. 

Guarantee that quality of service incidents is reviewed and adjusted according to client needs, agreed standards and frameworks. 

Lead resolution of P1 and P2 incidents. 

Review RCA Reports and ensure Corrective Actions/Preventive Actions (CA/PA) are executed. 

 

Client Access Management     

Performs authorization of users’ right to access client assets, while preventing access to non-authorized users. 

Essentially executes Terms and Conditions of the client.  

Client IT Asset Management     

Ensure that clients’ managed assets are accounted for, maintained, upgraded (if within scope), and that lifecycle is monitored.

Provides reports and recommendations to the Client, Service Delivery Manager/s, and other relevant stakeholders.   

 

Client Problem Management     

Leads P1/P2 RCA and ensure CA/PA is implemented on time. 

Ensure shift compliance with contractual Problem Management deliverables. 

Acts as the Problem Manager for P1/P2 incidents: 

Manage the lifecycle of all identified problems.  

Prevent recurring incidents from happening and minimize the impact of recurring incidents that cannot be prevented.  

Maintain information or Knowledgebase about Known Errors and Workarounds.  

Identify Problem records. 

Attend Problem Management meetings with the MSS Manager. 

 

Process Management    

Create, share, use, and manage the documented processes of Service Operations, and ensure that these processes are being followed.   

 

Knowledge Management     

Responsible in updating the knowledge and information pertaining to existing Clients and clients’ Managed ICT assets.    

 

Continual Service Improvement Management     

Execute improvement plans of the people and processes of Operations at a tactical level. 

Review and approve tactical and operational changes and ensure its deployment. 

Ensure the quality of data and content of tickets are reviewed. 

 

III.    QUALIFICATIONS

A.    Minimum Education

Must be a graduate of any IT related bachelor’s degree such as: 

Computer Studies 

Computer Engineering 

Information Technology 

Electronics Engineering  

 

B.    Minimum Experience/Training

Have at least 5 years of working experience in a 24x7x365 Security Operations Center. 

Trainings and/or certifications on at least 2 of the following domains are required: 

IT Service Management  

IT Infrastructure (Network, Servers, Cloud, etc.) 

Cybersecurity and/or Information Security 

Threat Intelligence Certifications i.e. CTIA, GCTI, CCTIA  

eCTHPv2 or other related certification    

OSINT/Threat Intelligence Trainings  

C.    Competency

(F) - Familiar / 0-12 months 
(N) - Novice / 1-2 years 
(I) - Intermediate / 3-4 years 
(A) - Advanced / > 5 years 

 

KNOWLEDGE 

(A) Knowledge of cybersecurity and privacy principles. 

(A) Knowledge of computer networking concepts and protocols, and network security methodologies. 

(A) Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 

(A) Knowledge of cyber threats and vulnerabilities. 

(A) Knowledge of specific operational impacts of cybersecurity lapses. 

(A) Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). 

(A) Knowledge of system administration, network, and operating system hardening techniques. 

(A) Knowledge of MITRE ATT&CK Framework and NIST SP800-61 

 

TECHNICAL SKILLS

(A) ITIL 

(A) Networking Fundamentals 

(A) Operating System Fundamentals 

(A) Application/Web Programming 

(A) Enterprise Application Architecture 

(A) Cybersecurity Fundamentals 

(A) Secure Network Architecture 

(A) Application Security & Secure Coding Practices 

(I) Identity & Access Management Principles 

(A) Cryptography & Encryption Technologies 

(I) Perimeter Defense Technologies 

(I) End-Point Protection Technologies 

(A) Vulnerability Scanning & Ethical Hacking 

(A) Advanced Persistent Threats & pattern modeling 

(A) Forensic Investigation 

(N) Dark web Surfing & Intel Gathering 

 

COMMUNICATION SKILLS 

(A) Speaks clearly and can be easily understood. 

(A) Expresses & speaks ideas in a logical and organized sequence. 

(A) Writes clearly, concisely, and effectively. 

(A) Expresses ideas in a logical and organized sequence in written form. 

 

IV.    WORKING CONDITIONS

Reporting to the company’s main office in Makati City. 

Shifting schedule. 

Collaborate physically and/or virtually with internal and external stakeholders. 

May travel for company-sponsored conferences and related marketing events. 

Attend training and acquire certifications that are applicable to the role.

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply