124 Cybersecurity Manager jobs in the Philippines

The
Cybersecurity Manager
will be responsible for developing, implementing, and overseeing the company's cybersecurity strategy to protect Meralco PowerGen Corporation (MGEN), its subsidiaries, and its power generation plants from cyber threats. This role ensures the confidentiality, integrity, and availability of corporate and operational technology (OT) systems, while maintaining compliance with industry regulations and best practices in the Philippine power sector.

Key Responsibilities:

1. Cybersecurity Strategy & Governance

• Develop and execute the organization's cybersecurity roadmap, aligned with MGen's corporate and plant operations objectives.
• Establish and enforce cybersecurity policies, procedures, and standards in compliance with local and international regulations (e.g., ERC, DOE, NERC CIP, ISO
• Lead periodic risk assessments and cybersecurity maturity evaluations.

2. Threat Management & Incident Response

• Oversee the monitoring, detection, and response to cybersecurity incidents, including forensic investigations and root cause analysis.
• Implement security controls to protect IT and OT infrastructure, including SCADA systems, industrial control systems (ICS), and corporate networks.
• Manage the company's Security Operations Center (SOC) or coordinate with external SOC providers.

3. Security Architecture & Technology

• Recommend and deploy security technologies such as firewalls, IDS/IPS, endpoint detection & response (EDR), SIEM, and OT-specific security solutions.
• Ensure secure system design for new projects, including renewable energy plants and market-facing platforms.
• Oversee vulnerability management, penetration testing, and patch management programs.

4. Compliance & Audit

• Ensure compliance with Philippine power industry regulations, data privacy laws, and relevant international standards.
• Support internal and external IT security audits, ensuring timely remediation of findings.
• Coordinate cybersecurity reporting to regulators and corporate leadership.

5. Awareness & Training

• Lead cybersecurity awareness campaigns for corporate and plant employees.
• Conduct specialized training for plant operations teams on OT and ICS security best practices.

6. Team Leadership & Vendor Management

• Hands-on leader
  ; the Cybersecurity Manager will still handle operational tasks.
• Manage and mentor cybersecurity staff and contractors.
• Oversee relationships with cybersecurity vendors, consultants, and managed service providers.
• Manage cybersecurity budgets and resource planning.

Qualifications:

Education & Certifications:

• Bachelor's degree in Information Security, Computer Science, Information Technology, or related field (Master's degree preferred).
• Professional certifications such as CISSP, CISM, CISA, CEH, or GICSP (OT/ICS security) preferred.

Experience:

• At least 7 years of IT experience, with 3–5 years in cybersecurity leadership roles.
• Strong background in securing critical infrastructure, preferably in the energy or utilities sector.
• Hands-on
  experience with both IT and OT security.

Technical Skills:

• In-depth knowledge of network security, application security, and OT security.
• Familiarity with security frameworks (NIST, ISO 27001, COBIT) and compliance standards.
• Experience with SIEM, EDR, IAM, and cloud security.

Behavioral Competencies:

• Strong leadership and decision-making skills.
• Excellent problem-solving and crisis management abilities.
• Effective communication and stakeholder management skills.

 Power Up Your Career with Power Mac Center 

We are seeking a strategic and hands-on 
Cybersecurity Manager
 to lead and strengthen our organization's cybersecurity posture. This role focuses on safeguarding our IT infrastructure—including on-premise and cloud environments—critical business applications, and social media platforms. The ideal candidate will have a strong technical foundation, proven leadership experience, and the ability to align cybersecurity initiatives with business objectives.

Responsibilities

• Develop and execute a comprehensive cybersecurity strategy that aligns with the organization's business goals and risk appetite, with specific emphasis on network security, server infrastructure (on-premise and cloud), application security, and social media protection.
• Design, implement, and maintain effective security controls, tools, and processes across all in-scope systems and environments.
• Lead and manage vulnerability assessments, penetration testing, and continuous security evaluations to proactively identify and mitigate threats.
• Direct incident response efforts, including detection, analysis, containment, eradication, recovery, and post-incident reviews.
• Ensure ongoing compliance with relevant cybersecurity standards, regulations, and internal policies (e.g., NIST, ISO, GDPR, etc.).
• Collaborate with cross-functional teams to promote a security-first culture and raise organizational awareness of cybersecurity risks and best practices.

Qualifications

• Minimum 
  7 years of experience
   in cybersecurity, with at least 
  3 years in a managerial or leadership role
  .
• Proven expertise in network and server security (both on-premise and cloud), application security, and incident response.
• Deep understanding of networking protocols and architectures, including TCP/IP, DNS, routing, switching, firewalls, IDS/IPS, and VPN technologies.
• Strong knowledge of operating system security, particularly 
  Windows Server
   and 
  Linux
   environments.
• Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and appropriate mitigation strategies.
• Hands-on experience with cybersecurity tools and platforms such as SIEM, EDR, vulnerability scanners, penetration testing suites, and cloud security solutions.
• Demonstrated experience managing and developing cybersecurity teams (minimum 3–5 years of people management in a similar domain).

• Security Strategy and Planning:
• Develop and implement comprehensive security strategies and frameworks that align with business objectives.
• Collaborate with senior management to ensure security policies and practices support business goals.
• Conduct regular reviews and updates of security policies, procedures, and standards. Risk Management:
• Perform risk assessments to identify security threats and vulnerabilities across the organization's systems and networks.
• Develop and implement risk mitigation strategies to reduce the impact of potential security incidents.
• Ensure compliance with relevant security standards and regulatory requirements (e.g., ISO 27001, GDPR, NIST).
• Security Solutions Design: Design and implement security solutions, including firewalls, intrusion detection/prevention systems, encryption technologies, and access controls. Evaluate and recommend security tools and technologies to enhance the organization's security posture.
• Ensure the security architecture is robust, scalable, and able to withstand evolving threats.
• Incident Response and Management: Lead the response to security incidents, including investigation, containment, and remediation.
• Develop and maintain an incident response plan and conduct regular drills and simulations. Provide post-incident analysis and recommendations to prevent future occurrences.
• Internal Security Awareness and Training: Develop and deliver security awareness programs to educate employees on security best practices and policies.
• Ensure all employees understand their roles and responsibilities in maintaining information security.
• Stay updated on the latest cybersecurity trends, threats, and technologies to continuously improve the organization's security awareness.
• Compliance and Audit: Ensure the organization complies with legal and regulatory requirements related to information security.
• Conduct internal audits to assess the effectiveness of security controls and identify areas for improvement. Prepare for and support external audits and security assessments.

Requirements:

1. Bachelor's or Master's degree in Information Security, Computer Science, or a related field.

2. 8+ years of experience in information security, cybersecurity, or a related discipline.

3. Strong knowledge of security frameworks and standards (e.g., ISO 27001, NIST, CIS).

4. Proven experience with security technologies such as firewalls, SIEM, IDS/IPS, and endpoint protection.

5. Excellent analytical, problem-solving, and communication skills.

6. Ability to work independently and as part of a team in a fast-paced environment.

7. Professional certifications such as CISSP, CISM, CRISC, or CEH.

8. Experience in conducting security assessments, penetration testing, and vulnerability management.

9. Familiarity with cloud security (e.g., AWS, Azure, Google Cloud).

10. Knowledge of DevSecOps practices and tools

Job Type: Full-time

Pay: Php90, Php120,000.00 per month

Benefits:

• Paid training

Experience:

• Cybersecurity: 8 years (Preferred)
• Leading a team of cybersecurity: 5 years (Preferred)

Work Location: In person

Prime Infra is seeking experienced IT Cybersecurity Manager to support one of our Business Units. We are looking for highly skilled professionals who can ensure operational excellence, strengthen IT governance, and drive innovation across infrastructure, cybersecurity, and applications management.

Responsibilities

• Lead cybersecurity initiatives across corporate offices and plant operations.
• Manage and respond to security incidents (IR), ensuring swift containment and resolution.
• Conduct risk assessments and implement mitigation strategies to strengthen security posture.
• Develop, implement, and enforce cybersecurity policies and procedures.
• Ensure compliance with relevant security standards and regulatory requirements.
• Collaborate with business and operations teams to embed security best practices.

Qualifications

• Bachelor's degree in Information Security, Computer Science, or related field.
• Minimum of 5–7 years of experience in IT security, with exposure to both corporate and plant/manufacturing environments preferred.
• Strong knowledge of incident response, threat management, and risk management.
• Security certifications (CISSP, CISM, CEH, etc.) are an advantage.
• Excellent analytical and problem-solving skills with the ability to manage multiple priorities.

O92n5dQFzx

• Design, manage, and secure the organization's network infrastructure while ensuring alignment with cybersecurity best practices and compliance requirement
• Leads a team of network engineers and security professionals to ensure network performance, reliability, and protection against cyber threats
• Certification Preferred: CCNP, CISM
• Familiarity with AWS security and hybrid environments
• Bachelor's degree in Information Technology, or Computer Engineering
• 7+ years of experience in network engineering, IT security, systems administration and/or database administration
• 2+ years in a leadership role

• Design, manage, and secure the organization's network infrastructure while ensuring alignment with cybersecurity best practices and compliance requirement
• Leads a team of network engineers and security professionals to ensure network performance, reliability, and protection against cyber threats
• Certification Preferred: CCNP, CISMFamiliarity with AWS security and hybrid environments
• Bachelor's degree in Information Technology, or Computer Engineering
• 7+ years of experience in network engineering, IT security, systems administration and/or database administration
• 2+ years in a leadership role

Job Type: Full-time

Work Location: In person

• Design, manage, and secure the organization's network infrastructure while ensuring alignment with cybersecurity best practices and compliance requirement
• Leads a team of network engineers and security professionals to ensure network performance, reliability, and protection against cyber threats
• Certification Preferred: CCNP, CISM
• Familiarity with AWS security and hybrid environments
• Bachelor's degree in Information Technology, or Computer Engineering
• 7+ years of experience in network engineering, IT security, systems administration and/or database administration
• 2+ years in a leadership role

• Collaborate with senior management to define the security strategy and goals. Align security initiatives with businessobjectives and industry best practices. Stay updated with industry trends, competitive landscape, and emergingtechnologies related to Information Security and Cybersecurity. Utilize market intelligence to identify opportunities for innovation and growth.
• • Initiate and maintain contact with key stakeholders. Build and maintain strong relationships with existing clients to ensure client satisfaction and encourage repeat business. Understand client needs and challenges to propose tailored Information Security solutions and services.
• • Collaborate with technical and growth team to create compelling proposals and presentations. Identify and pursue strategic partnerships with technology vendors, service providers, and other organizations to enhance the Information Security service portfolio.
• • Lead negotiations with clients, vendors, and partners to establish mutually beneficial agreements. Ensure contracts are aligned with business objectives and comply with legal and regulatory requirements.
• • Develop and maintain an inventory of security projects and initiatives within the portfolio. Prioritize projects based on risk assessment, business impact, and strategic goals.
• • Drive successful Information Security and Cybersecurity projects and implementations. Collaborate with key internal stakeholders to ensure seamless project delivery and customer satisfaction.
• • Oversee security projects from initiation to completion. Define project scopes, objectives, timelines, and deliverables.
• Coordinate with project manager to monitor project progress, track milestones, and manage project risks and issues.
• • Establish key performance indicators (KPIs) and metrics to measure the effectiveness of security initiatives. Develop and deliver regular reports on the status of security projects, compliance, risk posture, and incident response activities to senior management and stakeholders.

Job requirements:

• Bachelor's or master's degree in computer science, Information Systems, or a related field.
• • Has at least 8 years of Information Technology experience with solid background in Information Security Management
• • Proven experience in Information Security, Risk management, and Portfolio management.
• •
  Strong knowledge of security frameworks, standards, and best practices (NIST, ITIL, COBIT, ISO/IEC 27001 and 27002, Project Management).
• • Excellent project management skills, including the ability to manage multiple projects simultaneously.
• • Experience in business development, sales, or marketing within the IT security industry.
• • Strong understanding of IT security technologies, solutions, and services.
• • Ability to build and maintain relationships with clients, partners, and key stakeholders.
• • Excellent communication, negotiation, and interpersonal skills.
• • Ability to work effectively in cross-functional teams and manage relationships with stakeholders.

Require knowledge on several areas, including:

• o Current security tools
• o Business security practices and procedures
• o Hardware/software security implementation
• o Encryption techniques/tools
• o Communication protocols
• • The following certifications (or equivalent) may also be required:

o CISSP

o CISM

o CISA

o CEH

o Security+

o MCSE: Security or MCSA

About Workstreet

At Workstreet, we are on an exciting journey to help businesses scale securely by building and implementing cutting-edge security and compliance programs. We're a fast-growing startup specializing in compliance frameworks like SOC 2, ISO 27001, GDPR, and more. Our goal is to empower companies to meet regulatory standards while enhancing their cybersecurity posture from day one

Workstreet is seeking an experienced Compliance and Security extraordinaire who will be responsible for managing compliance programs and ensuring adherence to frameworks like SOC 2, ISO 27001, HIPAA, and others for our clients. The ideal candidate will have a proven track record in policy writing, implementing SOC 2 Type 1 and Type 2, and hands-on experience with technical controls in various cloud platforms such as AWS, GCP, and Azure.

Key Responsibilities:

• Develop, write, and maintain policies and procedures to ensure compliance with SOC 2, ISO 27001, and other relevant standards.
• Manage and execute SOC 2 Type 1 and Type 2 implementation projects. Implement and oversee technical controls in cloud environments, including AWS, GCP, and Azure.
• Direct daily operations of a small team, driving success through effective leadership.
• Conduct regular security audits and risk assessments to identify vulnerabilities and ensure continuous improvement of security posture.
• Coordinate with different teams to ensure compliance and security best practices are integrated into their workflows.
• Stay updated on new regulatory requirements and industry best practices.
• Work within and feel comfortable operating compliance platforms like Drata, Vanta, and SecureFrame.

Qualifications:

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• 3+ years managing a small team.
• Proven experience in managing compliance programs and familiarity with SOC 2 and ISO 27001 frameworks.
• Strong knowledge and experience in implementing technical controls in cloud platforms like AWS, GCP, and Azure.
• Excellent communication and writing skills in English.
• Ability to work independently with a strong sense of initiative.
• Must be amenable to work US Eastern Time zone hours.

Preferred Skills:

• Relevant certifications (e.g., CISA, CISSP, CISM).
• Experience in conducting security training and awareness programs.
• Familiarity with other compliance frameworks and regulations (e.g., GDPR, HIPAA).

What We Offer:

• Competitive pay
• Work from anywhere in the world
• Ability to grow from this role into a vCISO role
• Ability to work with amazing companies and clients

Workstreet Celebrates Diversity

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.