14 Cybersecurity Specialist jobs in the Philippines

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
As a Security Technical Architect at NTT DATA, you'll design robust security architectures that safeguard our systems, applications, and infrastructure. Working closely with cross-functional teams, you'll integrate security requirements throughout the system design and development lifecycle, ensuring our technology solutions are secure, compliant, and industry-leading.
On a day-to-day basis, you'll be viewed as a trusted technical advisor, collaborating with developers, engineers, and project managers to embed security into every project. Your expertise in secure coding practices, network security, identity and access management, DATA protection, and other security domains will be instrumental.
You'll play a pivotal role in evaluating and selecting security technologies, creating and enforcing security policies, and leading incident response activities. By setting technical standards and providing pre-sales technical support, you'll help define how our solutions meet client objectives and regulatory requirements.
Your role extends to managing client proof-of-concept initiatives and ensuring a smooth transition from proposed solutions to delivery. You'll document executive summaries, statements of work, and network diagrams, oversee pricing formats, and validate proposals, making you a key player in bringing security-focused projects to life.
**To thrive in this role, you need to have:**
+ Deep knowledge of security domains: network security, application security, cloud security, DATA protection, identity and access management, cryptography, and secure coding.
+ Proficiency in enterprise architecture principles and frameworks (e.g., TOGAF).
+ Understanding of security regulations, standards, and frameworks (e.g., ISO 27001, NIST, PCI dSS).
+ Hands-on experience with security technologies and tools (e.g., firewalls, intrusion detection/prevention systems, SIEM, vulnerability scanners, secure coding analysis tools).
+ Experience in a large-scale, multinational technology services environment.
+ Excellent analytical and problem-solving abilities for assessing risks and analysing security issues.
+ Strong client engagement skills and technical consulting aptitude.
+ Ability to collaborate and communicate effectively with team members.
+ Bachelor's degree in IT, computer science, or a related field.
#LI-APAC
**Workplace type** **:**
Hybrid Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Produce security incident reports and briefings to be distributed to the Management.

Configure and manage Infrastructure Security and SIEM solutions.

Design, develop and create correlation rules within the Security Information and Event Management SIEM platform.

Monitor devices and correlation tools for potential threats.

Initiate escalation procedure to counteract potential threats/vulnerabilities to the respective stake holders.

Appropriately inform and advise management on incidents and incident prevention

Graduate of a bachelor’s degree

6 months to 2 years of Information Security and Event Management experience
Hands-on Technical experience of Security Information and Event Management.

Good understanding of concepts and products used for Security Information and Event Management such as Splunk.

Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring.

Amenable to work in Uptown, Taguig

**_Job Title:_**
Senior Research Scientist - Network Security
**About** **Trellix:**
**Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.** Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.
We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at .
**_Role Overview:_**
We are looking for a Senior Research Scientist to help us build and expand
Trellix Network Detection and Response. The ideal candidate is someone who is passionate about solving real problems by turning cutting edge research into operational production solutions. In this role, you will focus on analyzing network-based attacker behavior and develop innovative solutions to address emerging challenges in the field of networking.
**Responsibilities:**
+ Research attacker methodologies and develop innovative solutions to identify detection solutions
+ Knowledge on how machine learning can be applied in networking problems
+ Perform data analysis to measure efficacy and identify methodologies to improve existing solutions
+ Forward Looking Research - Researcher will help develop leading edge prototypes to solve emerging challenges.
+ Threat Analytics - Leverage threat intelligence from different sources, identify patterns to co-relate and establish the origin and flow of attacks.
+ Drive roadmap for detection efficacy and network research operation
**Requirements:**
+ Total 8 to 14years experience with at least three years direct or equivalent experience in areas of network-based threats and other aspects of cyber attacks.
+ Strong understanding of networking protocols (e.g., TCP/IP) and network architecture.
+ Proficiency in programming languages such as Python, C++, or Java.
+ Knowledge of cybersecurity principles and practices
+ Strong analytical, problem-solving, and communication skills
**Preferred:**
+ Hands-on reverse engineering and knowledge of operating system internals.
+ Red teaming experience on various techniques
+ Machine learning experience
**Additional Qualifications**
Above all, the right passion and attitude to solve new challenges
**_Company Benefits and Perks:_**
We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
+ Retirement Plans
+ Medical, Dental and Vision Coverage
+ Paid Time Off
+ Paid Parental Leave
+ Support for Community Involvement
We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

_We're looking for an_ **_Information Security Analyst (Access Provisioning)_** _to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model._
**Position Responsibilities:**
+ Define and communicate the standard access model for various access level to resources in the Public Cloud service.
+ Own the intake channels including SNOW Process and IaC Pipelines.
+ Manage access authorization for public cloud resources.
+ Perform access review and approval on a daily basis with the committed SLAs.
+ Develop/enhance automation for intake, review, and implementation.
+ Monitor assignment of privileged roles on a daily basis.
+ Discover and remediate deviations from approved access model in the existing environment.
+ Maintain an exception process and tracks temporary elevation of privileges.
**Required Qualifications:**
+ University/College graduate with 2 - 4 years of progressive experience related to identity and access management, cloud security
+ Proven security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
+ Possess "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.
+ Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence
+ **_Amenable to work in UP Ayala Technohub (Quezon City)_**
+ **_Amenable to work in a hybrid set-up (3x a week onsite)_**
+ **_Amenable to work in a fixed NIGHT shift schedule_**
**Preferred Qualifications:**
+ Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
+ A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
+ Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
+ Proficient in English, both verbal and written
**When you join our team:**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

_We're looking for an_ **_Information Security Analyst (Access Provisioning)_** _to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model._
**Position Responsibilities:**
+ Define and communicate the standard access model for various access level to resources in the Public Cloud service.
+ Own the intake channels including SNOW Process and IaC Pipelines.
+ Manage access authorization for public cloud resources.
+ Perform access review and approval on a daily basis with the committed SLAs.
+ Develop/enhance automation for intake, review, and implementation.
+ Monitor assignment of privileged roles on a daily basis.
+ Discover and remediate deviations from approved access model in the existing environment.
+ Maintain an exception process and tracks temporary elevation of privileges.
**Required Qualifications:**
+ University/College graduate with 2 - 4 years of progressive experience related to identity and access management, cloud security
+ Proven security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
+ Possess "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.
+ Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence
+ **_Amenable to work in UP Ayala Technohub (Quezon City)_**
+ **_Amenable to work in a hybrid set-up (3x a week onsite)_**
+ **_Amenable to work in a fixed NIGHT shift schedule_**
**Preferred Qualifications:**
+ Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
+ A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
+ Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
+ Proficient in English, both verbal and written
**When you join our team:**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

Security Analyst I

TaskUs is seeking a hands-on Security Compliance Manager for our third-Party Application Assurance to join our enterprise security team. As part of TaskUs' transformational security organization, we are looking for talented, experienced individual performers to help develop, and implement these foundational programs.

As a hands-on security analyst, you will be responsible for identifying, assessing, tracking, and managing security risks in our third-party and internal security review programs. This role requires hands-on experience with assessing security risks, especially with specific security programs. You must be able to solve challenging security issues at scale and work collaboratively with all stakeholders. Additionally, you should be comfortable with incomplete requirements and a fast paced environment.

**Responsibilities**:

- People management and team supervision
- Conduct regular security assessments on third-parties and internal stakeholders on requirements and standards
- Collaborate with internal stakeholders on assessments and identify risks and track them
- Consult with internal stakeholders on security standards and best practices to protect Zoom data and systems
- Follow up with internal stakeholders and third-parties on remediation to ensure security risks are tracked and closed

**Requirements**:

- Team management experience of at least 1 to 2 years
- At least 3 years experience specifically in a security role
- Prior experience working in third-party risk management, enterprise risk management, or security compliance teams
- Exceptional verbal and written communication skills necessary to effectively collaborate with peers, and to present and explain highly technical information to stakeholders who may have limited technical knowledge.
- Bachelor's degree in IT Security, Computer Science, or equivalent; or an additional 4 years of relevant IT experience.

Others:

- Burp suite experience is great to have but any testing experience with tools that allow you to proxy
- Familiarity with tools that allow you to proxy
- Burp is a very familiar known too / similar tools are good too
- Nice-to-have tools/experience are web app testing / mobile app testing
- Familiarity with top 10 framework - OWASP framework to test any form of mobile/app. familiarity with the top 10 is great!
- Testing STK for security is a nice-to-have experience too

About Us

We are a collective of highly capable humans, who understand how to deploy technology and data to best serve your purpose. From Digital CX to Content Security, AI Operations, Consulting, and anything in between, we consider ourselves responsible for protecting our partners’ interests and supporting their long term success through innovation and technology -powered by ridiculously smart people.

TaskUs partners with the world’s most innovative and disruptive brands to protect what matters most and to thrive in an ever-changing world.

TaskUs currently has over 23,000 employees around the world with offices across the United States, the Philippines, India, Taiwan, Mexico, Greece, and Ireland.

TaskUs is an equal opportunity employer.

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

TaskUs is an Equal Opportunity Employer

**Responsibilities**:
**Application Hardening**
- Application Architecture Review (Scoping)
- Fine-tune SAST/DAST tools and processes according to policies
- Conducts false positive analysis and code reviews
- Reproduce, demonstrate, and retest vulnerabilities
- Assess risk, recommend remediation, and generate vulnerability report
- Review reports and provide feedback to software developers and provide reports to management
- Provide developer walkthrough relating to vulnerability findings
- Continually improve SAST/DAST process and environment

**Others**
- Threat Modeling

**Qualifications**:

- Graduate of Bachelor’s Degree course, preferably IT related courses
- At least 2 years of coding / developer experience and understanding of the SLDC process
- Open to higher years of experience. Role calibration will be done during skills interview.
- Good foundation in computer programming on data structures, design patterns, object-oriented programming, algorithms, and software design
- Experience working on large enterprise organizations
- Working knowledge to administer MS Windows or Linux
- Understanding and familiarity with common code review methods and standards
- Working knowledge on secure coding practice
- Strong foundation on web service technologies such as XML, REST, SOAP, AJAX, JSON, HTML5, JavaScript, and CSS3
- Familiar on different security standards and frameworks such as CIS, COBIT, ISO 17799, ISO 27001, NIST SP800-53, ITIL v2, HIPAA, FFIEC, NERC-CIP, PCI-DSS, OWASP
- Good oral and written communication skills
- Strong attention to details, documentation, and organizational skills
- SAST / DAST certifications
- Must be knowledgeable to the following technologies:

- SAST: SonarQube, Checkmarx, Forify, Codacy, MobSF, Veracode
- DAST: Acunetix, AppScan, Burp Suite, Nessus, Nexpose, QualysGuard, WebInspect

**Join our high-performing team and enjoy these benefits**:

- Healthcare Insurance (HMO) & Life Insurance coverage from day 1 of employment
- Expanded maternity leave up to 120 days*
- Expanded paternity leave up to 30 days*
- Employee Stock Purchase Pan
- Loyalty and Christmas Gift
- Inclusion and Diversity Benefits
- Night Differential
- Allowances
- Car and housing plan
- Company-sponsored trainings like upskilling and certification
- Flexible Working Arrangements
- Healthy and Encouraging Work Environment

**TERMS AND CONDITIONS**

**Additional Information**:
The following documents will be asked as part of the pre-hiring requirements prior onboarding. We recommend to prepare the requirements early to ensure on time onboarding. Detailed discussion will take place during onboarding process as well as changes on the requirements as needed.
- Transcript of Records (TOR)
- Diploma (for graduates only) and/or Certificate of Graduation
- Certificate of Employment (COE) and/or SSS Employment History
- Government Documents:

- SSS ID and/or SSS Verification Form
- SSS Statement of Account (SOA)
- SSS Certificate of Contribution
- Pag-IBIG Member’s Data Record (MDR)
- Philhealth ID and/or Philhealth Member Data Record (MDR)
- TIN ID and/or Processed BIR Form 1905 or any BIR documents reflecting your TIN and with BIR Stamped
- NSO Birth Certificate

**Salary**: Php28,000.00 - Php145,000.00 per month

Schedule:

- 8 hour shift
- Rotational shift

**Provides support to Re**: sources and other Publicis Groupe agencies on security projects and initiatives

Coordinates with various technology functions during the implementation of security controls/solutions as part of Global ISMS/ISO 27001 program

Perform review of IT security policies, procedures, and control frameworks, including cloudbased environments and solutions/workloads.
ÂPerform periodic internal IT security audits and assessments.
Participates in external security audits, and manage audit evidence
ÂParticipate in creation and establishing Cloud based security framework, baselines, standards,procedure and guidelines for implementation and periodic assessments
Coordinate in identification, recording and management of cloud security risks through use of industry solution such as CSPM and CNAPP

At least 2+ years of IT and / or information security-related experience, including at least 1+
years of IT or Cloud security experience
Familiarity with general information security controls, processes and principles
Experience in IT security co