16 Cybersecurity Experts jobs in the Philippines

If you are looking for an opportunity to work with the global Emerson Systems and Software organization, this is an exciting opportunity for you! As a Cybersecurity Intern, you will gain hands-on experience by contributing to the security of our web applications. In this role, you'll identify security vulnerabilities, implement secure coding practices, and integrate security tools into our development workflows. This project will serve as both a learning opportunity and a contribution to the organization's AI projects. Emerson interns are given meaningful work, support, and mentorship from experienced managers and key business leaders. There is strong potential to gain knowledge and experience in a variety of ways by exploring opportunities aligned with your interests and academic background.
**In This Role, Your Responsibilities Will Be:**
+ Working closely with the web development team to identify security vulnerabilities and implement security measures in web applications. This includes tasks related to secure coding practices, vulnerability assessments, and security testing.
+ Analyzing our current web application development processes and identifying areas that can be further improved through enhanced security measures. This may involve consulting with the web development and cybersecurity teams within the organization to ensure that security measures align with the industry's best practices.
+ Working on integrating security tools and practices into our existing web development workflows. This will involve training our web development team members on how to use the security tools effectively and ensuring a seamless transition to secure development practices.
+ Documenting the newly implemented security measures, including standard procedures, guidelines, and troubleshooting instructions, to ensure that the knowledge is retained within the organization.
**Who You Are:**
You can take a creative idea and put it into practice. You take on the challenge of unfamiliar tasks. You readily learn and adopt new technologies.
**For This Role, You Will Need:**
+ Currently pursuing an undergraduate or graduate degree in Computer Science, Information Technology, or any related field.
+ **Able to commit to a minimum of 480 hours.** We are open to both required and voluntary interns.
+ Strong curiosity about cybersecurity, automation, and software development.
+ General exposure to Artificial Intelligence concepts, gained through academic projects, thesis research, or practical experience.
+ Knowledge of Web Development Programming languages e.g. CSS, C#, React JS, HTML5, etc.
+ Ability to collaborate optimally with others and solve complex problems.
**Preferred Qualifications That Set You Apart:**
+ Familiarity with cybersecurity processes automation is a plus.
+ Experience with web development technologies.
+ Curiosity about developing solutions using existing tools and technologies.
**Our Culture & Commitment to You:**
At Emerson, we prioritize a workplace where every employee is valued, respected, and empowered to grow. We foster an environment that encourages innovation, collaboration, and diverse perspectives-because we know that great ideas come from great teams. Our commitment to ongoing career development and growing an inclusive culture ensures you have the support to thrive. Whether through mentorship, training, or leadership opportunities, we invest in your success so you can make a lasting impact. We believe diverse teams, working together are key to driving growth and delivering business results.
We recognize the importance of employee wellbeing. We prioritize providing competitive benefits plans, a variety of medical insurance plans, Employee Assistance Program, employee resource groups, recognition, and much more. Our culture offers flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave.
**Requisition ID** :
Emerson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start **Caring. Connecting. Growing together.**
**Primary Responsibilities:**
+ Perform manual penetration tests of web applications, API, and mobile applications to discover and exploit vulnerabilities
+ Prepare detailed report upon discovered vulnerabilities during security assessments
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ Excellent skills with application security testing tools such as BurpSuite, OWASP ZAP, SQL Map, Kali Linux, etc.
+ Proven ability to handle applications individually
+ Proven ability to work with Nmap, APK Tool, MobSF, Fiddler, ADB, Drozer and any other Penetration testing tools
+ Proven ability to pursue opportunities to develop existing and new skills outside of comfort zone
+ Proven excellent oral and written communications skills
**Preferred Qualifications:**
+ 2+ years of experience in Cybersecurity environment
+ Experience with scripting languages such as: Python, bash, Powershell, etc.
+ Experience in CTF competitions or Bug Bounty programs
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Optum is a drug-free workplace. © 2025 Optum Global Solutions (Philippines) Inc. All rights reserved._

**About Us**
We are a global climate technologies company engineered for sustainability. We create sustainable and efficient residential, commercial and industrial spaces through HVACR technologies. We protect temperature-sensitive goods throughout the cold chain. And we bring comfort to people globally. Best-in-class engineering, design and manufacturing combined with category-leading brands in compression, controls, software and monitoring solutions result in next-generation climate technology that is built for the needs of the world ahead. 
Whether you are a professional looking for a career change, an undergraduate student exploring your first opportunity, or recent graduate with an advanced degree, we have opportunities that will allow you to innovate, be challenged and make an impact. Join our team and start your journey today!
A Cybersecurity Operations Analyst, often working within a Security Operations Center (SOC), is responsible for continuously monitoring network activity, analyzing security alerts, identifying potential cyber threats, investigating suspicious activity, and responding to security incidents by taking necessary mitigation actions to protect an organization's systems and data from cyberattacks; this role involves correlating security events, performing threat analysis, and escalating critical issues to the appropriate teams while staying updated on emerging cyber threats and vulnerabilities.
**Key responsibilities of a Cybersecurity Operations Analyst:**
Real-time monitoring:
Actively monitor network traffic, system logs, and security tools to detect malicious activity and anomalies.
Threat analysis:
Analyze security alerts, correlate events, and determine the severity of potential threats to identify malicious actors and their tactics.
Incident response:
Investigate security incidents, gather evidence, and implement appropriate response actions to contain and remediate cyberattacks.
Vulnerability management:
Identify and assess system vulnerabilities, prioritize patching, and work with relevant teams to address security gaps.
Reporting and communication:
Prepare detailed reports on security incidents, threat intelligence, and operational metrics to inform stakeholders and leadership.
Signature development:
Assist in creating and updating security signatures for detection tools based on emerging threats.
Trend analysis:
Stay informed about current cyber threats and trends to proactively identify potential risks.
Collaboration:
Work with other security teams, including incident responders, network engineers, and security architects, to coordinate security efforts.
**Our Commitment to Our People**
Across the globe, we are united by a singular Purpose: Sustainability is no small ambition. That's why everything we do is geared toward a sustainable future-for our generation and all those to come. Through groundbreaking innovations, HVACR technology and cold chain solutions, we are reducing carbon emissions and improving energy efficiency in spaces of all sizes, from residential to commercial to industrial.
Our employees are our greatest strength. We believe that our culture of passion, openness, and collaboration empowers us to work toward the same goal - to make the world a better place. We invest in the end-to-end development of our people, beginning at onboarding and through senior leadership, so they can thrive personally and professionally.
Flexible and competitive benefits plans offer the right options to meet your individual/family needs. We provide employees with flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave. 
Together, we have the opportunity - and the power - to continue to revolutionize the technology behind air conditioning, heating and refrigeration, and cultivate a better future. Learn more about us and how you can join our team!
**Our Commitment to Inclusion & Belonging**
At Copeland, we cultivate a strong sense of inclusion and belonging where individuals of all backgrounds, and with diverse perspectives, are embraced and treated fairly to enable a stronger workforce. Our employee resource groups play an important role in culture and community building at Copeland.
**Equal Opportunity Employer**
Copeland is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.
With $5B of global revenue, Copeland is a leading provider of compression products, electronics, software, and solutions across many applications within Heating, Ventilation, Air Conditioning, and Refrigeration (HVACR), where macro and regulatory trends towards environmental sustainability, leads to changes in HVACR technology. Other products include other heating applications, food service and retail, transportation, and healthcare/life sciences. This new business also has a solution portfolio that manages, monitors, and controls refrigeration units in the commercial setting, as well as software solutions that measure and monitor temperature conditions of refrigerated goods in transit, where there is a greater emphasis on energy management/sustainability solutions globally.

Our client is seeking a highly skilled and experienced Senior SOC Engineer to lead threat detection, incident response, and continuous monitoring efforts within our Security Operations Center. This role is critical to maintaining the confidentiality, integrity, and availability of our systems and data, especially in a highly regulated financial environment. The ideal candidate will bring deep technical expertise, a proactive mindset, and a passion for defending against evolving cyber threats.

Key Responsibilities :

• Lead and coordinate real-time monitoring , triage , and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules , use cases , and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards .
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Qualifications :

• Lead and coordinate real-time monitoring, triage, and response to security incidents across cloud and on-prem environments.
• Develop and tune SIEM detection rules, use cases, and correlation logic to improve threat visibility.
• Perform threat hunting and forensic investigations using logs, endpoint telemetry, and network data.
• Collaborate with threat intelligence teams to integrate IOCs and TTPs into detection workflows.
• Maintain and enhance SOC playbooks, runbooks, and incident response procedures.
• Mentor junior SOC analysts and provide technical guidance during escalated incidents.
• Work with engineering and infrastructure teams to implement security controls and logging standards.
• Support compliance efforts (e.g., GLBA, FFIEC, PCI DSS) by ensuring logging, monitoring, and incident response capabilities meet regulatory requirements.
• Participate in red/blue/purple team exercises and post-incident reviews.

Preferred Certifications:

• GIAC Certified Incident Handler (GCIH)
• GIAC Security Operations Certified (GSOC)
• Certified Information Systems Security Professional (CISSP)
• Certified SOC Analyst (CSA)

--

Work setup: Hybrid, 3x a week RTO

Work location: BGC, Taguig City

Work schedule: Night shift

Interested applicants may apply directly on this job post or direct their CV to ( ).

***FILIPINO CITIZEN ONLY residing in the Philippines***

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
As a Security Technical Architect at NTT DATA, you'll design robust security architectures that safeguard our systems, applications, and infrastructure. Working closely with cross-functional teams, you'll integrate security requirements throughout the system design and development lifecycle, ensuring our technology solutions are secure, compliant, and industry-leading.
On a day-to-day basis, you'll be viewed as a trusted technical advisor, collaborating with developers, engineers, and project managers to embed security into every project. Your expertise in secure coding practices, network security, identity and access management, DATA protection, and other security domains will be instrumental.
You'll play a pivotal role in evaluating and selecting security technologies, creating and enforcing security policies, and leading incident response activities. By setting technical standards and providing pre-sales technical support, you'll help define how our solutions meet client objectives and regulatory requirements.
Your role extends to managing client proof-of-concept initiatives and ensuring a smooth transition from proposed solutions to delivery. You'll document executive summaries, statements of work, and network diagrams, oversee pricing formats, and validate proposals, making you a key player in bringing security-focused projects to life.
**To thrive in this role, you need to have:**
+ Deep knowledge of security domains: network security, application security, cloud security, DATA protection, identity and access management, cryptography, and secure coding.
+ Proficiency in enterprise architecture principles and frameworks (e.g., TOGAF).
+ Understanding of security regulations, standards, and frameworks (e.g., ISO 27001, NIST, PCI dSS).
+ Hands-on experience with security technologies and tools (e.g., firewalls, intrusion detection/prevention systems, SIEM, vulnerability scanners, secure coding analysis tools).
+ Experience in a large-scale, multinational technology services environment.
+ Excellent analytical and problem-solving abilities for assessing risks and analysing security issues.
+ Strong client engagement skills and technical consulting aptitude.
+ Ability to collaborate and communicate effectively with team members.
+ Bachelor's degree in IT, computer science, or a related field.
#LI-APAC
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

**The Position**
The IT INF CSE CyberSecurity Response Team is looking for a Tier 2 Security Responder. You will be the responsible for providing advanced support in the identification, containment, and remediation of cybersecurity incidents. They work closely with Level 1 Analysts and other IT teams to ensure the security and integrity of the organization's information systems.
**Duties and Responsibilities:**
+ Monitor and analyze security alerts, logs, and reports to identify potential security incidents.
+ Perform in-depth analysis of security incidents, including root cause analysis and impact assessment.
+ Analyzes and mitigates cybersecurity vulnerabilities
+ Coordinate with Level 1 and 2 Analysts and other IT teams to contain and remediate security incidents.
+ Develop and maintain incident response procedures and documentation.
+ Provide guidance and mentorship to Level 1 and 2 Analysts.
+ Participate in the continuous improvement of the organization's security posture through the development and implementation of security controls and best practices.
+ Assist in the creation and maintenance of security runbooks, standards, and knowledge articles.
+ Stay up to date with the latest cybersecurity threats, trends, and technologies.
**Requirements:**
+ Bachelor's Degree in Computer Science, Information Technology, or a related field
+ Relevant professional certifications (e.g.: CompTIA Security+, SOC-200, OSDA), are preferred. ITIL v.3 or above certified
+ A minimum of 3-5 years of experience in cybersecurity, with a focus on incident response and vulnerability analysis.
+ Strong knowledge of security technologies, such as firewalls, Proxies, intrusion detection/prevention systems, and endpoint security solutions.
Experience
+ Familiarity with various operating systems, networking protocols, and security tools.
+ Excellent analytical and problem-solving skills.
+ Ability to prioritize tasks and manage time effectively.
+ A commitment to staying current with industry trends and emerging threats.
+ Sound programming knowledge in any of the following languages: Python, Ansible, SPL, JavaScript, or PowerShell.
+ Experience working in a virtual, international, and multicultural environment and availability to travel.
+ Strong analytical mindset, passionate team player.
+ Able to deal with ambiguity and find solutions to solve complex problems.
+ Creative, curious and a strong networker
All qualified applicants will receive consideration for employment without regard to a person's actual or perceived race, including natural hairstyles, hair texture and protective hairstyles; color; creed; religion; national origin; age; ancestry; citizenship status, marital status; gender, gender identity or expression; sexual orientation, mental, physical or intellectual disability, veteran status; pregnancy, childbirth or related medical condition; genetic information (including the refusal to submit to genetic testing) or any other class or characteristic protected by applicable law.

Senior Automation Engineer (Cybersecurity) - Makati City  Company Description

Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.
We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.

 Job Description

As an Automation Engineer within CISO Operations, you will take ownership of security tools, automate security processes, and contribute to strengthening our overall security posture. You will work across multiple platforms, integrating best-in-class security solutions while collaborating with cross-functional teams.

Your tasks

• Develop and deploy robust security solutions across various platforms to protect against evolving threats.
• Oversee security tool deployment and automation to optimize security operations.
• Leverage Terraform, Ansible, PowerShell, and custom scripts to automate security infrastructure and workflows.
• Manage and fine-tune security tools, including Tenable, Splunk, Wazuh, Clam AV, Microsoft Defender, and Trend Micro, across both Windows and Linux environments.
• Strengthen DDoS protection and Web Application Firewall (WAF) rules to improve defense capabilities.
• Secure cloud environments (AWS, Azure, Oracle Cloud) and ensure compliance with cloud security best practices.
• Provide expert advice to business units, enhancing security detection and response capabilities.

 Qualifications

• Bachelor’s, Master’s, or Postgraduate degree in Computer Science, Information Security, Engineering, or a related field.
• DevSecOps expertise (Terraform, GitHub, Containers, Microservices, Serverless Functions, Cloud Security).
• Hands-on experience with security tooling and technologies. 
• Strong knowledge of network security, web protocols, TCP/IP, firewalls, and cryptography.
• Proficiency in Windows and Linux systems administration.
• Strong problem-solving, organizational, and time management skills.
• Excellent written and verbal communication, with the ability to influence stakeholders at all levels.

It would be a real bonus if you have

• Certifications in ITIL, Cloud Security, Cybersecurity, or related fields.
• Previous experience in banking, financial services, or cybersecurity consulting.

 Additional Information

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.  

#LI-Hybrid

**Job Summary:**
If you are a professional looking for an opportunity to work with the global Emerson Systems and Software organization, this is a stimulating opportunity for you! You will play a vital role in upholding the Global Strategic Services team's mission of being the key enablers of DeltaV Core Services, empowering the global Emerson Lifecycle Services' field service organization in delivering Lifecycle Services to Emerson customers. This role will require direct engagements with Emerson local offices, impact partners, and end-user customers, with wide organizational impact and visibility, connecting highly skilled resources to deliver successful projects and ensure customer satisfaction as well as revenue expansion of existing contracts.
**In This Role, Your Responsibilities Will Be:**
+ Driving successful project completion and ensuring the quality of deliverables.
+ Assuring Emerson's commitments to customers are met, following the contract, and seeking to improve customer satisfaction through the resolution of problems with speed and professionalism, and consistent customer interaction
+ Working with the Sales, Service, and Projects team from different Emerson local offices to define project targets, expectations, and commitments.
+ Collaborating closely with the Product Support management team to identify resources matched to the service skill requirements.
+ Planning multiple projects with varying complexity while maintaining a strong customer relationship, managing financial targets, and ensuring customer satisfaction.
+ Carefully plan and identify risks involved in projects or pursuit activities and put forth mitigation plans.
+ Drive project pursuits of varying complexity to achieve targets for the group
+ Initiate and lead changes in the Global Strategic Services processes for continuous improvement and continued operational sustainability
+ Provide project leadership to groups of highly qualified professional personnel engaged in service projects.
**Who You Are:**
You have a strong bottom-line orientation. You ask the right questions to accurately analyze situations. You consider all relevant factors and uses appropriate decision-making criteria and principles.
**For This Role, You Will Need:**
+ BS/MS Electrical Engineering, Chemical Engineering, Mechanical Engineering, Computer Engineering, or other technical degrees with the appropriate experience
+ Minimum of 3 years of experience in process control from at least one target industry - Oil and Gas, Chemical, Refining, Pharmaceutical, or other fluid process control industries
+ Knowledge and experience in engineering, servicing, and/or operating control systems in plants, and project management.
+ Proven ability to establish effective relationships with customers, business partners, and internal organizations to deliver successful lifecycle services
+ Primary work schedule is in the EMEA shift (1:00 pm-10:00 pm are the core hours), and may require a change in shift schedule as business requires.
**Preferred Qualifications that Set You Apart:**
+ PMP Certification is a plus.
+ Multi-year experience working in a service/project organization with interaction with process industry customers, and at different levels within the organization.
+ Plant experience and first-hand appreciation for onsite service activities.
+ Proven presentation skills at all levels, both internally and externally.
+ Experience with a Business Partner/Field Service Organization relationship is strongly preferred
+ Ability to effectively communicate project objectives and influence others
**Our Culture & Commitment to You**
At Emerson, we prioritize a workplace where every employee is valued, respected, and empowered to grow. We foster an environment that encourages innovation, collaboration, and diverse perspectives-because we know that great ideas come from great teams. Our commitment to ongoing career development and growing an inclusive culture ensures you have the support to thrive. Whether through mentorship, training, or leadership opportunities, we invest in your success so you can make a lasting impact. We believe diverse teams, working together are key to driving growth and delivering business results.
We recognize the importance of employee wellbeing. We prioritize providing competitive benefits plans, a variety of medical insurance plans, Employee Assistance Program, employee resource groups, recognition, and much more. Our culture offers flexible time off plans, including paid parental leave (maternal and paternal), vacation and holiday leave.
**Requisition ID** :
Emerson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, marital status, political affiliation, sexual orientation, gender identity, genetic information, disability or protected veteran status. We are committed to providing a workplace free of any discrimination or harassment.

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.