22 Cybersecurity Analyst jobs in the Philippines

**About Us**
We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead. 
Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today!
A Cybersecurity Operations Analyst, often working within a Security Operations Center (SOC), is responsible for continuously monitoring network activity, analyzing security alerts, identifying potential cyber threats, investigating suspicious activity, and responding to security incidents by taking necessary mitigation actions to protect an organization's systems and data from cyberattacks; this role involves correlating security events, performing threat analysis, and escalating critical issues to the appropriate teams while staying updated on emerging cyber threats and vulnerabilities.
**Key responsibilities of a Cybersecurity Operations Analyst:**
Real-time monitoring:
Actively monitor network traffic, system logs, and security tools to detect malicious activity and anomalies.
Threat analysis:
Analyze security alerts, correlate events, and determine the severity of potential threats to identify malicious actors and their tactics.
Incident response:
Investigate security incidents, gather evidence, and implement appropriate response actions to contain and remediate cyberattacks.
Vulnerability management:
Identify and assess system vulnerabilities, prioritize patching, and work with relevant teams to address security gaps.
Reporting and communication:
Prepare detailed reports on security incidents, threat intelligence, and operational metrics to inform stakeholders and leadership.
Signature development:
Assist in creating and updating security signatures for detection tools based on emerging threats.
Trend analysis:
Stay informed about current cyber threats and trends to proactively identify potential risks.
Collaboration:
Work with other security teams, including incident responders, network engineers, and security architects, to coordinate security efforts.
**Our Commitment to Our People**
Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That's why everything we do is geared toward a sustainable future-for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial.
Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally.
Flexible and competitive benefits plans offer the right options to meet your individual/family needs. We provide employees with flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave. 
Together, we have the opportunity - and the power - to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team!
**Our Commitment to Inclusion & Belonging**
At Copeland, we cultivate a strong sense of inclusion and belonging where individuals of all backgrounds, and with diverse perspectives, are embraced and treated fairly to enable a stronger workforce. Our employee resource groups play an important role in culture and community building at Copeland.
**Equal Opportunity Employer**
Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.
With $5B of global revenue, Copeland is a leading provider of compression products, electronics, software, and solutions across many applications within Heating, Ventilation, Air Conditioning, and Refrigeration (HVACR), where macro and regulatory trends towards environmental sustainability, leads to changes in HVACR technology. Other products include other heating applications, food service and retail, transportation, and healthcare/life sciences. This new business also has a solution portfolio that manages, monitors, and controls refrigeration units in the commercial setting, as well as software solutions that measure and monitor temperature conditions of refrigerated goods in transit, where there is a greater emphasis on energy management/sustainability solutions globally.

Cybersecurity Analyst
**Req number:**
R5907
**Employment type:**
Full time
**Worksite flexibility:**
Remote
**Who we are**
CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right-whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.
**Job Summary**
We are looking for a motivated Cybersecurity Analyst ready to take us to the next level! If you have data analysis, preferably in a Cybersecurity organization, and are looking for your next career move, apply now.
**Job Description**
We are looking for a **Cybersecurity Analyst** to design, develop, and maintain dashboards and visualizations in Power BI. This position will be **full-time** and **remote.**
**What You'll Do**
+ Partner with senior leaders and stakeholders to define reporting needs and translate them into technical requirements
+ Design, develop, and maintain dashboards and visualizations in Power BI
+ Leverage Databricks for data preparation, transformation, and analysis
+ Develop and monitor KPIs and metrics to support IT operations and service delivery
+ Ensure data accuracy and integrity across all reporting solutions
+ Familiarity with data governance, automation, and performance tuning best practices
+ Evaluate and apply automation options
**What You'll Need**
**Required:**
+ 4+ years of data analysis, preferably in a Cyber Security organization
+ Specific Technical Skillsets
+ Data Science (e.g. Databricks)
+ PowerBI/Tableau
+ Metrics and Reporting Experience
+ Postman
+ Github
+ Excellent verbal and written communication skills
**Preferred:**
+ Preferred experience working in large, cross-functional teams in a globally diverse model
+ Industry-recognized certifications (e.g., A+, Network+, Security+) are a plus
**Physical Demands**
+ Ability to safely and successfully perform the essential job functions
+ Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.
+ Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor
**Reasonable accommodation statement**
If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to or (888) 824 - 8111.

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

_We're looking for an_ **_Information Security Analyst (Access Provisioning)_** _to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model._
**Position Responsibilities:**
+ Define and communicate the standard access model for various access level to resources in the Public Cloud service.
+ Own the intake channels including SNOW Process and IaC Pipelines.
+ Manage access authorization for public cloud resources.
+ Perform access review and approval on a daily basis with the committed SLAs.
+ Develop/enhance automation for intake, review, and implementation.
+ Monitor assignment of privileged roles on a daily basis.
+ Discover and remediate deviations from approved access model in the existing environment.
+ Maintain an exception process and tracks temporary elevation of privileges.
**Required Qualifications:**
+ University/College graduate with 2 - 4 years of progressive experience related to identity and access management, cloud security
+ Proven security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
+ Possess "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.
+ Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence
+ **_Amenable to work in UP Ayala Technohub (Quezon City)_**
+ **_Amenable to work in a hybrid set-up (3x a week onsite)_**
+ **_Amenable to work in a fixed NIGHT shift schedule_**
**Preferred Qualifications:**
+ Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
+ A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
+ Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
+ Proficient in English, both verbal and written
**When you join our team:**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

_We're looking for an_ **_Information Security Analyst (Access Provisioning)_** _to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model._
**Position Responsibilities:**
+ Define and communicate the standard access model for various access level to resources in the Public Cloud service.
+ Own the intake channels including SNOW Process and IaC Pipelines.
+ Manage access authorization for public cloud resources.
+ Perform access review and approval on a daily basis with the committed SLAs.
+ Develop/enhance automation for intake, review, and implementation.
+ Monitor assignment of privileged roles on a daily basis.
+ Discover and remediate deviations from approved access model in the existing environment.
+ Maintain an exception process and tracks temporary elevation of privileges.
**Required Qualifications:**
+ University/College graduate with 2 - 4 years of progressive experience related to identity and access management, cloud security
+ Proven security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
+ Possess "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.
+ Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence
+ **_Amenable to work in UP Ayala Technohub (Quezon City)_**
+ **_Amenable to work in a hybrid set-up (3x a week onsite)_**
+ **_Amenable to work in a fixed NIGHT shift schedule_**
**Preferred Qualifications:**
+ Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
+ A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
+ Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
+ Proficient in English, both verbal and written
**When you join our team:**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

**Company Description**
**Work with Us. Change the World.**
At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.
There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.
We're one global team driven by our common purpose to deliver a better world. Join us.
**Job Description**
**Job Brief**
The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company's systems of internal controls that guide company activities toward accomplishing key business objectives.
**Duties and Responsibilities**
+ Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
+ Perform test of design and operating effectiveness of controls
+ Effectively communicate audit results to management
+ Work with stakeholders to develop actions plans that address root cause of findings
+ Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
+ Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
+ Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
+ Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
+ Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.
**Qualifications**
**Minimum Requirements**
+ Bachelor's degree in management information systems, computer science, accounting, finance, or other IT related fields is required
+ 2-4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
+ Must have strong verbal and written communication skills; fluency in English is required
+ Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
+ Ability to travel up to 30% including international travel (valid passport required)
+ Professional certifications (e.g., CIA, CISA, CISSP) are preferred
**Additional Information**
**About AECOM**
AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients' complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle - from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.
**What makes AECOM a great place to work**
You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you'll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you've always envisioned. Here, you'll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
**ReqID:** J
**Business Line:** Geography OH
**Business Group:** DCS
**Strategic Business Unit:** GBS
**Career Area:** Finance
**Work Location Model:** Hybrid
**Legal Entity:** AECOM Global Business Services - Philippines ROHQ

Carry out all information security risk assessment.
- Carry out Privacy risk and impact assessment for client operations and technology infrastructure
- Conducting operations audit based on Information security and privacy principles.
- Conducting review of contractual contracts, privacy contracts / exhibits / privacy agreements
- Supporting compliance certification (ISO, PCI, SSAE) and client audits
- Ensure various information security, privacy regulatory requirements /client’s data privacy requirements are effectively addressed.
- Advise business unit leaders and risk management leaders in issues related to information security.
- Handling information security incidents, data breaches investigations
- Assist Risk management functional leaders in overseeing compliance activities relating to information security.
- Creation and maintenance of risk assessment trackers and keeping them current
- Creation and maintenance of up-to-date inventory of sensitive information profiling for client operations
- Ensure that contract arrangements are in place and being complied with. Obtain necessary evidence for the same. Conducting necessary due diligence on subcontractors / third party.
- Driving information security training and awareness to ensure employees are aware of their responsibilities.
- Experience on privacy regulations (HIPAA/ HITECH, EU Privacy directive/ DPA, GLBA, PIPEDA, Australia/ New Zealand privacy laws / APP etc)

**Qualifications**
- Graduate - Preferably BE, BSC Computer
- LOB: EU-Risk Management and Audit
- Amenable to work onsite in Eastwood, Quezon City

Schedule:

- 8 hour shift

Ability to commute/relocate:

- Manila: Reliably commute or planning to relocate before starting work (required)

Carry out all information security risk assessment.
- Carry out Privacy risk and impact assessment for client operations and technology infrastructure
- Conducting operations audit based on Information security and privacy principles.
- Conducting review of contractual contracts, privacy contracts / exhibits / privacy agreements
- Supporting compliance certification (ISO, PCI, SSAE) and client audits
- Ensure various information security, privacy regulatory requirements /client’s data privacy requirements are effectively addressed.
- Advise business unit leaders and risk management leaders in issues related to information security.
- Handling information security incidents, data breaches investigations
- Assist Risk management functional leaders in overseeing compliance activities relating to information security.
- Creation and maintenance of risk assessment trackers and keeping them current
- Creation and maintenance of up-to-date inventory of sensitive information profiling for client operations
- Ensure that contract arrangements are in place and being complied with. Obtain necessary evidence for the same. Conducting necessary due diligence on subcontractors / third party.
- Driving information security training and awareness to ensure employees are aware of their responsibilities.
- Experience on privacy regulations (HIPAA/ HITECH, EU Privacy directive/ DPA, GLBA, PIPEDA, Australia/ New Zealand privacy laws / APP etc)

**Qualifications**
- Graduate - Preferably BE, BSC Computer
- LOB: EU-Risk Management and Audit
- Amenable to work onsite in Eastwood, Quezon City

Schedule:

- 8 hour shift

Ability to commute/relocate:

- Manila: Reliably commute or planning to relocate before starting work (required)

Job Overview: The Chief Information Security Officer works with other executives across different departments to design security systems and assets. The CISO’s main responsibility is creating and implementing an information security program that is designed to protect enterprise communications, systems, and assets from any potential threats. He/She will ensure compliance to legal security practices.Job Description: ● Define and own a multi-year cybersecurity roadmap and key performance indicators focused on reducing cyber risk ● Build and inspire a highly skilled and diverse Cybersecurity team. Foster a culture of trusted cross-functional partnership, service, and continuous improvement ● Create quarterly, annual, and long-term cyber security and cyber risk management goals, articulate strategies, define metrics and provide necessary updates to executive leadership ● Partner with leadership for the development, planning, and execution of major security initiatives. Support Secure Software Development Lifecycle ● Collaborate with the SOC team and ISO 27001 Core team to establish appropriate security standards and provide an effective governance structure to ensure cyber compliance and accountability ● Lead Security Incident Response, Third Party Information Security Assessment, Data Protection and Encryption, ● Identity & Access Management and Privileged User Access to protect customer and employee data ● Define cyber security governance and control strategies for emerging technologies such as cloud & containerization, blockchain, etc. ● Keep well informed of developing security threats, and proactively create strategies to understand and mitigate potential security problems that might arise from acquisitions or other big business moves ● Other job-related activities may be assigned from time to time.RequirementsRequirements: ● Education – At least graduate with a Bachelor’s Degree in IT, Computer Science, Engineering, or any related course. ● Related Work Experience - Key Industry certifications in Information Security, such as CISSP, CISM and CISA ● Knowledge – Knowledgeable in security and operations processes. ● 15+ years of experience in Information/Cybersecurity in a public or large private technology company with a global customer base ● 7+ years people management experience with hands-on experience building diverse teams while promoting an inclusive organization ● A demonstrated knowledge of information security standards (e.g., NIST, ISO-27001), rules and regulations related to information security and data confidentiality (e.g., PCI, NIST, NSA) and other various security standards and policies ● A strong understanding of Cloud Security Mode and key principles, such as CSPs Shared Responsibility Models, Security and Infrastructure as Code, Preventive/Reactive Guardrails, Containerization, Server-less Computing, Continuous monitoring/drift detection, and the importance of end-to-end automation ● Strong interpersonal and communication skills with the ability to influence at all levels of the organization, while being able to simplify complex topics for understanding and critical decision making by Executive Management and the Board ● Ability to understand not only emerging industry trends as far as cyber security is concerned but also the landscape of emerging threats, making appropriate adjustments within the cybersecurity program