18 Ethical Hacking jobs in the Philippines
Information Security Analyst II
Manila, Metropolitan Manila
RELX INC
Posted 8 days ago
Job Viewed
Job Description
Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
This advertiser has chosen not to accept applicants from your region.
0
Security Analyst
Makati, National Capital Region
MediLink Network Inc.
Posted today
Job Viewed
Job Description
The **Security Engineer** will join our technical operations team to help us design, implement, maintain, and support our technology infrastructure securely both on cloud and on-premise. They help safeguard the organization's computer networks and systems. They plan and carry out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. The engineer in this role would need to be able to independently see tasks under the direction of the technical operations management.
**DUTIES AND RESPONSIBILITIES**
- Partners with members of the engineering organization to design, test, deploy and maintain scalable, robust software platforms and services
- Evaluates new technologies and processes that enhance security capabilities
- Helps automate and streamline the operations and processes
- Builds and maintain tools for deployment, monitoring and operations
- Helps plan and carry out an organization’s information security strategy
- Develops a set of security standards and best practices for the organization, and recommend security enhancements to management as needed
- Constantly monitors the organization’s networks and systems for security breaches or intrusions
- Develops strategies to respond to and recover from a security breach
- Helps monitor, test, and maintain the infrastructure
- Responsible for educating the workforce on information security through training and building awareness
QUALIFICATIONS
Must-haves:
- 5+ years of overall professional experience in the IT industry
- Background and experience in Windows and Linux System Administration
- Experience in performing vulnerability assessment and penetration testing
- Experience in maintaining network and security devices
- Familiar with network, database, and security concepts
Skills required:
- Expert in performing vulnerability assessment and penetration testing
- Expertise with cloud and virtualization technologies
- Expertise with security concepts and principles
- Expertise with endpoint security solutions
- Expertise with automation
- Ability to multi-task
- Has a keen eye for details
- Strong organizational skills
- Ability to communicate with peers and management
Why should you #JoinMediLink?
MediLink Network, Inc. is a health-tech company whose mission is to enable efficient, accessible, and affordable healthcare with the end goal of building a stronger healthcare community that benefits all its stakeholders.
MediLinkers, our employees, get to immerse themselves in this mission by utilizing their skills and talents to ensure that the much-needed technological products and systems are provided for the advancement of healthcare. With that in mind, you will also be a key player in that significant change and you will constantly be surrounded by innovative people from different departments.
You can expect to have opportunities to expand your learning and work on several valuable projects too. The health ecosystem we are serving is a huge network so there are various ways for you to grow in the organization.
**Benefits**:
- Flexible schedule
- Flextime
- Opportunities for promotion
- Promotion to permanent employee
- Work from home
Schedule:
- 8 hour shift
- Monday to Friday
Supplemental pay types:
- 13th month salary
- Overtime pay
- Performance bonus
Ability to commute/relocate:
- Makati City: Reliably commute or planning to relocate before starting work (required)
**DUTIES AND RESPONSIBILITIES**
- Partners with members of the engineering organization to design, test, deploy and maintain scalable, robust software platforms and services
- Evaluates new technologies and processes that enhance security capabilities
- Helps automate and streamline the operations and processes
- Builds and maintain tools for deployment, monitoring and operations
- Helps plan and carry out an organization’s information security strategy
- Develops a set of security standards and best practices for the organization, and recommend security enhancements to management as needed
- Constantly monitors the organization’s networks and systems for security breaches or intrusions
- Develops strategies to respond to and recover from a security breach
- Helps monitor, test, and maintain the infrastructure
- Responsible for educating the workforce on information security through training and building awareness
QUALIFICATIONS
Must-haves:
- 5+ years of overall professional experience in the IT industry
- Background and experience in Windows and Linux System Administration
- Experience in performing vulnerability assessment and penetration testing
- Experience in maintaining network and security devices
- Familiar with network, database, and security concepts
Skills required:
- Expert in performing vulnerability assessment and penetration testing
- Expertise with cloud and virtualization technologies
- Expertise with security concepts and principles
- Expertise with endpoint security solutions
- Expertise with automation
- Ability to multi-task
- Has a keen eye for details
- Strong organizational skills
- Ability to communicate with peers and management
Why should you #JoinMediLink?
MediLink Network, Inc. is a health-tech company whose mission is to enable efficient, accessible, and affordable healthcare with the end goal of building a stronger healthcare community that benefits all its stakeholders.
MediLinkers, our employees, get to immerse themselves in this mission by utilizing their skills and talents to ensure that the much-needed technological products and systems are provided for the advancement of healthcare. With that in mind, you will also be a key player in that significant change and you will constantly be surrounded by innovative people from different departments.
You can expect to have opportunities to expand your learning and work on several valuable projects too. The health ecosystem we are serving is a huge network so there are various ways for you to grow in the organization.
**Benefits**:
- Flexible schedule
- Flextime
- Opportunities for promotion
- Promotion to permanent employee
- Work from home
Schedule:
- 8 hour shift
- Monday to Friday
Supplemental pay types:
- 13th month salary
- Overtime pay
- Performance bonus
Ability to commute/relocate:
- Makati City: Reliably commute or planning to relocate before starting work (required)
This advertiser has chosen not to accept applicants from your region.
1
Jr. Security Analyst
Hunter's Hub Inc.
Posted today
Job Viewed
Job Description
MAIN RESPONSIBILITIES:
- Plan, execute and lead security audits across an organization
- Inspect and evaluate access on financial and information systems, management procedures and
security controls
- Evaluate the efficiency, effectiveness and compliance of operation processes with corporate security
policies and related government regulations
- Execute and properly document the audit process on a variety of computing environments and
- Assess the exposures resulting from ineffective or missing control practices
- Accurately interpret audit results against defined criteria
- Weigh the relevancy, accuracy and perspective of conclusions against audit evidence
- Provide a written audit findings
- Develop rigorous “best practice” recommendations to improve security on all levels
- Work with management to ensure security recommendations comply with company procedure
- Collaborate with departments to improve security compliance, manage risk and bolster effectiveness
- Working on Europe Shift.
**Benefits**:
- Health insurance
Schedule:
- 8 hour shift
Ability to commute/relocate:
- Alabang: Reliably commute or planning to relocate before starting work (required)
- Plan, execute and lead security audits across an organization
- Inspect and evaluate access on financial and information systems, management procedures and
security controls
- Evaluate the efficiency, effectiveness and compliance of operation processes with corporate security
policies and related government regulations
- Execute and properly document the audit process on a variety of computing environments and
- Assess the exposures resulting from ineffective or missing control practices
- Accurately interpret audit results against defined criteria
- Weigh the relevancy, accuracy and perspective of conclusions against audit evidence
- Provide a written audit findings
- Develop rigorous “best practice” recommendations to improve security on all levels
- Work with management to ensure security recommendations comply with company procedure
- Collaborate with departments to improve security compliance, manage risk and bolster effectiveness
- Working on Europe Shift.
**Benefits**:
- Health insurance
Schedule:
- 8 hour shift
Ability to commute/relocate:
- Alabang: Reliably commute or planning to relocate before starting work (required)
This advertiser has chosen not to accept applicants from your region.
2
Ict Security Analyst
Taguig, National Capital Region
Ericsson
Posted today
Job Viewed
Job Description
Ericsson Philippines
Location:Taguig, Philippines
Work rights: Local Employment Contract
Travel requirement: None
**About this opportunity**
We are now looking for an Information and Communication Technology (ICT) Security Analyst. In this role, you will ensure proper protection of information assets, accessed through the Ericsson IT environment. You will be a key player by providing IT security operations, expertise, support and solutions, based on the IT Security requirements and enabling compliance with applicable internal /external requirements, laws, regulations and standards.
**What you will do**
- Vulnerability management in SAP SOX Applications and DB layers
- Implement, coordinate, and detail SOX controls related to access management in global SAP.
- Implement, coordinate, and document internal controls related to access management in global SAP.
- Perform internal security controls and monitoring
- Be part of IT Security Access Control internal work streams to complete our strategy
- Provide authority guidance and information to stakeholders on SAP R&A processes, e.g., user administration processes, demand to solution processes, incident & support handling processes etc.
**Secondary responsibilities**:
- Support SAP implementation projects for companies/units supported related to user role mapping, expert guidance, and release system preparations
- Maintain support information published on official support sites
- Manage content in ordering systems and catalogs based on companies’ business need
- Perform system segregation of duty (SoD) analysis and take action on high risks and unmitigated risks in collaboration with Ericsson business and ERP Security.
- Coordinate and distribute system segregation of duty (SoD) reports to company stakeholders
**You will bring**
- A Bachelor’s degree or similar experience serves as an important knowledge base for this job
- Customer first mentality, growth mindset, known for high quality work, enjoy problem solving, process & rule oriented, standout colleague, perform fact-based decisions and being a good communicator.
- Self-starter with the desire to be part of delivering extraordinary services, creating a driven edge for Ericsson
- Excellent communication skills, as the role involves communication and interaction with end-users, business managers and support functions
- Specific knowledge of one or several Ericsson business processes/sub-processes are valued
- Experience from support functions or service delivery (1st/2nd/3rd line support)
- Solid understanding of SOX and the importance of consistency to such requirements and other regulatory requirements is valued
**Additional Requirements**:
- Project and stakeholder management
- Process improvement
- User access management and administration experience.
- Reports automation via MS Excel/Visual Basic.
- Basic MS Access background.
- Familiar with reporting methodologies.
**What´s in it for you?**
Here at Ericsson, our culture is built on over a century of courageous decisions. With us, you will no longer be dreaming of what the future holds - you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, in a place where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where empathy and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your opportunity to make an impact is endless.
**What happens once you apply?**
**What's in it for you?**
Here at Ericsson, our culture is built on over a century of courageous decisions With us, you will no longer be dreaming of what the future holds you will be redefining it You won’t develop for the status quo but will build what replaces it Joining us is a way to move your career in any direction you want with hundreds of career opportunities in locations all over the world, in a place where co creation and collaboration are embedded into the walls You will find yourself in a speak up environment where empathy and humanness serve as cornerstones for how we work, and where work life balance is a priority Welcome to an inclusive, global company where your opportunity to make an impact is endless.
“**We are proud to announce at Ericsson Philippines has been name #8 in the country and**, our employees have once again voted us as a Great Place to Work® and we have been officially Certified in 2021. **Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture.”
**What happens once you a
Location:Taguig, Philippines
Work rights: Local Employment Contract
Travel requirement: None
**About this opportunity**
We are now looking for an Information and Communication Technology (ICT) Security Analyst. In this role, you will ensure proper protection of information assets, accessed through the Ericsson IT environment. You will be a key player by providing IT security operations, expertise, support and solutions, based on the IT Security requirements and enabling compliance with applicable internal /external requirements, laws, regulations and standards.
**What you will do**
- Vulnerability management in SAP SOX Applications and DB layers
- Implement, coordinate, and detail SOX controls related to access management in global SAP.
- Implement, coordinate, and document internal controls related to access management in global SAP.
- Perform internal security controls and monitoring
- Be part of IT Security Access Control internal work streams to complete our strategy
- Provide authority guidance and information to stakeholders on SAP R&A processes, e.g., user administration processes, demand to solution processes, incident & support handling processes etc.
**Secondary responsibilities**:
- Support SAP implementation projects for companies/units supported related to user role mapping, expert guidance, and release system preparations
- Maintain support information published on official support sites
- Manage content in ordering systems and catalogs based on companies’ business need
- Perform system segregation of duty (SoD) analysis and take action on high risks and unmitigated risks in collaboration with Ericsson business and ERP Security.
- Coordinate and distribute system segregation of duty (SoD) reports to company stakeholders
**You will bring**
- A Bachelor’s degree or similar experience serves as an important knowledge base for this job
- Customer first mentality, growth mindset, known for high quality work, enjoy problem solving, process & rule oriented, standout colleague, perform fact-based decisions and being a good communicator.
- Self-starter with the desire to be part of delivering extraordinary services, creating a driven edge for Ericsson
- Excellent communication skills, as the role involves communication and interaction with end-users, business managers and support functions
- Specific knowledge of one or several Ericsson business processes/sub-processes are valued
- Experience from support functions or service delivery (1st/2nd/3rd line support)
- Solid understanding of SOX and the importance of consistency to such requirements and other regulatory requirements is valued
**Additional Requirements**:
- Project and stakeholder management
- Process improvement
- User access management and administration experience.
- Reports automation via MS Excel/Visual Basic.
- Basic MS Access background.
- Familiar with reporting methodologies.
**What´s in it for you?**
Here at Ericsson, our culture is built on over a century of courageous decisions. With us, you will no longer be dreaming of what the future holds - you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, in a place where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where empathy and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your opportunity to make an impact is endless.
**What happens once you apply?**
**What's in it for you?**
Here at Ericsson, our culture is built on over a century of courageous decisions With us, you will no longer be dreaming of what the future holds you will be redefining it You won’t develop for the status quo but will build what replaces it Joining us is a way to move your career in any direction you want with hundreds of career opportunities in locations all over the world, in a place where co creation and collaboration are embedded into the walls You will find yourself in a speak up environment where empathy and humanness serve as cornerstones for how we work, and where work life balance is a priority Welcome to an inclusive, global company where your opportunity to make an impact is endless.
“**We are proud to announce at Ericsson Philippines has been name #8 in the country and**, our employees have once again voted us as a Great Place to Work® and we have been officially Certified in 2021. **Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture.”
**What happens once you a
This advertiser has chosen not to accept applicants from your region.
3
Analyst, Information Security
Cardinal Health
Posted 12 days ago
Job Viewed
Job Description
**_What User Access Management contributes to Cardinal Health_**
The User Access Management team is responsible for managing identity and attributes for employees, contractors, customers, vendors, etc.
Ensures compliance with Cardinal Health security requirements for applications in the organization in relation to identity and access.
Analysts within the team ensure the right access to the right applications at the appropriate time through provisioning efforts, IdentityIQ management, SAP, and approval enforcement.
**_Functional Competencies_**
+ Maintain efforts to streamline the user provisioning processes.
+ Improve the transparency of access for our entitlement owners and managers.
+ Serve as the point of escalation from the business and IT; execute the provisioning steps needed to ensure an efficient and compliant process.
+ Partner with application teams to provide security, governance, and provisioning services enterprise-wide.
+ Minimum cross knowledge to provide process improvement of how the ENTIRE team works together to streamline job functions.
**_Activities/accountabilities include the following:_**
+ Partners with application teams to create/streamline provisioning processes.
+ Serve as liaison between business and IT to determine appropriate access for users, including user consultations, SoD checks, and access determination.
+ Able to take a group of users, review the access and identify changes that can be made to ensure consistency and repeatability in provisioning that group.
+ Ensures the consistency and cleanliness of the environments we manage.
+ Ensures all documentation on tasks performed has been updated and published in a shared location.
+ Act as an advocate for access controls and identity access management (IAM) services, ensuring correct/appropriate standards and processes are being adhered to
+ Achieve quality review standards of no repeat errors.
+ Initiate regular reviews of user to role mappings to ensure access meets the security design and security/access related problem resolution.
+ Focus on automation opportunities/improvements.
**_Qualifications_**
+ Application access support/administration
+ Functional experience with security principles, specifically access management.
+ Process improvement and lean principles.
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (
The User Access Management team is responsible for managing identity and attributes for employees, contractors, customers, vendors, etc.
Ensures compliance with Cardinal Health security requirements for applications in the organization in relation to identity and access.
Analysts within the team ensure the right access to the right applications at the appropriate time through provisioning efforts, IdentityIQ management, SAP, and approval enforcement.
**_Functional Competencies_**
+ Maintain efforts to streamline the user provisioning processes.
+ Improve the transparency of access for our entitlement owners and managers.
+ Serve as the point of escalation from the business and IT; execute the provisioning steps needed to ensure an efficient and compliant process.
+ Partner with application teams to provide security, governance, and provisioning services enterprise-wide.
+ Minimum cross knowledge to provide process improvement of how the ENTIRE team works together to streamline job functions.
**_Activities/accountabilities include the following:_**
+ Partners with application teams to create/streamline provisioning processes.
+ Serve as liaison between business and IT to determine appropriate access for users, including user consultations, SoD checks, and access determination.
+ Able to take a group of users, review the access and identify changes that can be made to ensure consistency and repeatability in provisioning that group.
+ Ensures the consistency and cleanliness of the environments we manage.
+ Ensures all documentation on tasks performed has been updated and published in a shared location.
+ Act as an advocate for access controls and identity access management (IAM) services, ensuring correct/appropriate standards and processes are being adhered to
+ Achieve quality review standards of no repeat errors.
+ Initiate regular reviews of user to role mappings to ensure access meets the security design and security/access related problem resolution.
+ Focus on automation opportunities/improvements.
**_Qualifications_**
+ Application access support/administration
+ Functional experience with security principles, specifically access management.
+ Process improvement and lean principles.
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (
This advertiser has chosen not to accept applicants from your region.
4
Cyber Security Analyst 1 (Onsite)
Pampanga, Pampanga
Seidotech Solutions Corp.
Posted 11 days ago
Job Viewed
Job Description
About the role: As a Cyber Security Analyst – Tier 1 in the Security Operations Center (SOC), you will be the first responder for business-impacting cyber security incidents that arise in our customers' environments. Fast, effective, and courteous service is the lifeblood of our organization, and this position requires nothing less. Your technical acumen will be challenged daily. Quick thinkers who can make decisions on their feet will be successful in this job.
br>What You’ll Do: < r>- Monitor cyber security tools to identify, triage, and report security incidents to customers.
- Leverage available cyber security capabilities to contain security incidents to prevent the lateral spread of malware or lateral movement of attackers.
- Conduct cyber security investigations to identify and rule out false positive security incidents.
- Provide additional cyber security investigatory support to customers as needed.
- Work with a team of like-minded professionals to monitor customer ticket queues and triage tickets that need immediate attention. We service customers as small as 10 users, up to multi-national enterprises.
- Follow pre-defined playbooks and runbooks and collaborate with other technical resources, where appropriate.
- Monitor and process event tickets on a prioritized basis as to the customer impact and urgency of these events.
- Remain cognizant of customer service-level agreements, and strive to meet or exceed them on a regular basis.
- Participate in Incident Management by providing situational reports (sitreps) via ticket updates and/or customer-facing communications.
- Provide first level technical resolution for cyber security incidents.
- Collaborate with our Network Operations Center (NOC) as needed, to document incidents, maintenance, and problems.
- Utilize various systems management tools to monitor availability, reliability, and performance of customer environments.
- Demonstrate problem solving skills that contribute towards the resolution of any issues that arise.
- Quickly assess an issue and form an understanding of the likely root cause in unfamiliar technical environments and technologies.
- Investigate, resolve, and/or escalate matters of significance pertaining to customer alerts and events.
- Document solutions, processes, procedures and present them in writing, verbally on the phone or in-person.
- Commit to professional growth and development by maintaining and/or obtaining new industry specific certifications.
What Skills & Experience You’ll Need: < r>- Experience with monitoring and using a SIEM
Azure Sentinel preferred (Splunk, Elastic, QRadar are nice to have)
- Experience supporting and administering the following is highly desired:
> Crowdstrike (or a similar nextgen endpoint solution)
> Azure or AWS cloud environments, including compute, storage, networking basics, and backups.
> Microsoft O365
> Windows Server OS: Windows 2012 through Windows 2019, including ADDS, DNS, DHCP, DFS, file/print services, PowerShell basics.
- Networking Basics (CompTIA Network+ equivalent).
- At least one of the following industry certifications highly desired: Security+, Network+, CEH, GCIH.
- A curious disposition.
- Strong documentation, reporting, analytical and problem-solving skills.
- The ability to effectively engage in customer-facing communications.
Preferred Qualifications:
- Experience with any of the following tools: Kaseya VSA, Auvik.
- Experience working in IT enterprises that use industry frameworks such as ITIL, COBIT, or MOF.
br>What You’ll Do: < r>- Monitor cyber security tools to identify, triage, and report security incidents to customers.
- Leverage available cyber security capabilities to contain security incidents to prevent the lateral spread of malware or lateral movement of attackers.
- Conduct cyber security investigations to identify and rule out false positive security incidents.
- Provide additional cyber security investigatory support to customers as needed.
- Work with a team of like-minded professionals to monitor customer ticket queues and triage tickets that need immediate attention. We service customers as small as 10 users, up to multi-national enterprises.
- Follow pre-defined playbooks and runbooks and collaborate with other technical resources, where appropriate.
- Monitor and process event tickets on a prioritized basis as to the customer impact and urgency of these events.
- Remain cognizant of customer service-level agreements, and strive to meet or exceed them on a regular basis.
- Participate in Incident Management by providing situational reports (sitreps) via ticket updates and/or customer-facing communications.
- Provide first level technical resolution for cyber security incidents.
- Collaborate with our Network Operations Center (NOC) as needed, to document incidents, maintenance, and problems.
- Utilize various systems management tools to monitor availability, reliability, and performance of customer environments.
- Demonstrate problem solving skills that contribute towards the resolution of any issues that arise.
- Quickly assess an issue and form an understanding of the likely root cause in unfamiliar technical environments and technologies.
- Investigate, resolve, and/or escalate matters of significance pertaining to customer alerts and events.
- Document solutions, processes, procedures and present them in writing, verbally on the phone or in-person.
- Commit to professional growth and development by maintaining and/or obtaining new industry specific certifications.
What Skills & Experience You’ll Need: < r>- Experience with monitoring and using a SIEM
Azure Sentinel preferred (Splunk, Elastic, QRadar are nice to have)
- Experience supporting and administering the following is highly desired:
> Crowdstrike (or a similar nextgen endpoint solution)
> Azure or AWS cloud environments, including compute, storage, networking basics, and backups.
> Microsoft O365
> Windows Server OS: Windows 2012 through Windows 2019, including ADDS, DNS, DHCP, DFS, file/print services, PowerShell basics.
- Networking Basics (CompTIA Network+ equivalent).
- At least one of the following industry certifications highly desired: Security+, Network+, CEH, GCIH.
- A curious disposition.
- Strong documentation, reporting, analytical and problem-solving skills.
- The ability to effectively engage in customer-facing communications.
Preferred Qualifications:
- Experience with any of the following tools: Kaseya VSA, Auvik.
- Experience working in IT enterprises that use industry frameworks such as ITIL, COBIT, or MOF.
This advertiser has chosen not to accept applicants from your region.
5
Information Security Engineer
Makati, National Capital Region
JK Network Services
Posted 21 days ago
Job Viewed
Job Description
COMPANY PROFILE: Develop significant traveler supplier ties outside of the United States. Known as one of the country's top travel companies.
br>Position: Information Security Engineer
Company Industry: Travel Industry
Work Location: Makati Site, QC, Alabang, Cebu, and Bacolod
Work Schedule: Flexible Schedule, Rotational Shift
Salary: Php 40,000-60,000
Work Set Up: Onsite/Hybrid
JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Technology, or related fields.
• W th strong verbal and written communication skills, with technical writing experience. < r>• W th relevant certifications is advantage (e.g., CompTIA Security+, GSEC, CEH, CISSP, etc.) < r>• E perience in cloud, network, server and database security < r>
JOB RESPONSIBILITIES:
• O ersee the establishment, dissemination, and regular revisions to CTPI's information security policy. < r>• E sure policies are consistent with developing threats, industry best practices, and standards such as ISO 27001 and SOC 2. < r>• W rk with subject matter experts (SMEs) to identify vulnerabilities in networks, hardware, software, and procedures. < r>• P ovide security solutions and guidance for system and software development in accordance with ISDP policies. < r>• P ovide Level 1 cybersecurity incident response (CIRT), including threat analysis and security event evaluations. < r>• M ke recommendations regarding incident management and mitigation. < r>• P epare and present cybersecurity reports to management. < r>• S ay current on industry developments, technology, and processes to consistently strengthen CTPI's security posture. < r>
RECRUITMENT PROCESS: (ONLINE)
Initial Interview
Technical Assessment
Final Interview
Job offer
br>Position: Information Security Engineer
Company Industry: Travel Industry
Work Location: Makati Site, QC, Alabang, Cebu, and Bacolod
Work Schedule: Flexible Schedule, Rotational Shift
Salary: Php 40,000-60,000
Work Set Up: Onsite/Hybrid
JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Technology, or related fields.
• W th strong verbal and written communication skills, with technical writing experience. < r>• W th relevant certifications is advantage (e.g., CompTIA Security+, GSEC, CEH, CISSP, etc.) < r>• E perience in cloud, network, server and database security < r>
JOB RESPONSIBILITIES:
• O ersee the establishment, dissemination, and regular revisions to CTPI's information security policy. < r>• E sure policies are consistent with developing threats, industry best practices, and standards such as ISO 27001 and SOC 2. < r>• W rk with subject matter experts (SMEs) to identify vulnerabilities in networks, hardware, software, and procedures. < r>• P ovide security solutions and guidance for system and software development in accordance with ISDP policies. < r>• P ovide Level 1 cybersecurity incident response (CIRT), including threat analysis and security event evaluations. < r>• M ke recommendations regarding incident management and mitigation. < r>• P epare and present cybersecurity reports to management. < r>• S ay current on industry developments, technology, and processes to consistently strengthen CTPI's security posture. < r>
RECRUITMENT PROCESS: (ONLINE)
Initial Interview
Technical Assessment
Final Interview
Job offer
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Ethical hacking Jobs in Philippines !
6
Information Security Specialist
San Pedro, Laguna
Yngen Datacom Corporation
Posted today
Job Viewed
Job Description
Develop a comprehensive plan and execute projects to secure the company’s computing network, including on premise and cloud.
- Monitor network data and usage to ensure compliance with security policies.
- Keep up to date with developments in IT security standards and threats
- Establish and maintain the company’s Information Security policies
- Collaborate with senior management, HR, Admin to improve information security
- Document any security breaches and asses their damage
- Create programs to educate colleagues on information security technologies and best practices for information security
**Job Qualifications**:
- Degree in Computer Science or any technology-related field
- With professional information security certification is an advantage
- 1 year of experience in an information security officer role
- Solid knowledge of various information security frameworks
- Effective verbal and written communication skills
- Excellent problem-solving and analytical skills
- Ability to educate a non-technical audience about various security measures
**Salary**: Php20,000.00 - Php25,000.00 per month
Schedule:
- 8 hour shift
- Monitor network data and usage to ensure compliance with security policies.
- Keep up to date with developments in IT security standards and threats
- Establish and maintain the company’s Information Security policies
- Collaborate with senior management, HR, Admin to improve information security
- Document any security breaches and asses their damage
- Create programs to educate colleagues on information security technologies and best practices for information security
**Job Qualifications**:
- Degree in Computer Science or any technology-related field
- With professional information security certification is an advantage
- 1 year of experience in an information security officer role
- Solid knowledge of various information security frameworks
- Effective verbal and written communication skills
- Excellent problem-solving and analytical skills
- Ability to educate a non-technical audience about various security measures
**Salary**: Php20,000.00 - Php25,000.00 per month
Schedule:
- 8 hour shift
This advertiser has chosen not to accept applicants from your region.
7
Information Security Head
Pasig, Palawan
Global Dominion Financing, Inc.
Posted today
Job Viewed
Job Description
**Education**:
At least Bachelor’s Degree in an Information Technology or any Information Security related field
**Experience**:
Preferably with 10 (ten) years related experience in Information Security on an Officer Level.
**Skills**:
- Proven working experience in information security in a banking sector with mathematical aptitude.
- Solid technical background with understanding and/or government laws and circulars
- Ability to drive a culture of quality and personal accountability.
- Solid organizational skills including attention to detail and multi-tasking skills
- Strong people and management skills to interact with staff, colleagues, cross-functional teams and third parties.
- Able to work equally well in self-managed and team based projects.
- Excellent client-facing and internal communication skills
- Excellent written, verbal communication and presentation skills
- Regularly interacts with immediate superior
**JOB DESCRITION**
- Lead other staff members in the program design and to effect initiatives, programs or projects to meet those management and business objectives.
- Conduct periodic assessments and regular monitoring of campus information security controls and practices to ensure compliance with Client policy and regulatory requirements.
- Make recommendations for improving controls and practices to reduce risks related to information security.
- Participate in review and analysis of security products and services and make recommendations based on the needs of the Client Community.
- Assist with development and maintenance of Service Level Agreements and Operating Level Agreements.
- Performing network and other systems vulnerability assessments
- Assist with the management of the ITS policy portfolio.
**Salary**: Php60,000.00 - Php120,000.00 per month
**Benefits**:
- Flextime
- Work from home
Schedule:
- 8 hour shift
Supplemental Pay:
- 13th month salary
- Anniversary bonus
- Bonus pay
- Commission pay
- Performance bonus
- Quarterly bonus
- Yearly bonus
Ability to commute/relocate:
- Pasig City: Reliably commute or planning to relocate before starting work (required)
At least Bachelor’s Degree in an Information Technology or any Information Security related field
**Experience**:
Preferably with 10 (ten) years related experience in Information Security on an Officer Level.
**Skills**:
- Proven working experience in information security in a banking sector with mathematical aptitude.
- Solid technical background with understanding and/or government laws and circulars
- Ability to drive a culture of quality and personal accountability.
- Solid organizational skills including attention to detail and multi-tasking skills
- Strong people and management skills to interact with staff, colleagues, cross-functional teams and third parties.
- Able to work equally well in self-managed and team based projects.
- Excellent client-facing and internal communication skills
- Excellent written, verbal communication and presentation skills
- Regularly interacts with immediate superior
**JOB DESCRITION**
- Lead other staff members in the program design and to effect initiatives, programs or projects to meet those management and business objectives.
- Conduct periodic assessments and regular monitoring of campus information security controls and practices to ensure compliance with Client policy and regulatory requirements.
- Make recommendations for improving controls and practices to reduce risks related to information security.
- Participate in review and analysis of security products and services and make recommendations based on the needs of the Client Community.
- Assist with development and maintenance of Service Level Agreements and Operating Level Agreements.
- Performing network and other systems vulnerability assessments
- Assist with the management of the ITS policy portfolio.
**Salary**: Php60,000.00 - Php120,000.00 per month
**Benefits**:
- Flextime
- Work from home
Schedule:
- 8 hour shift
Supplemental Pay:
- 13th month salary
- Anniversary bonus
- Bonus pay
- Commission pay
- Performance bonus
- Quarterly bonus
- Yearly bonus
Ability to commute/relocate:
- Pasig City: Reliably commute or planning to relocate before starting work (required)
This advertiser has chosen not to accept applicants from your region.
8
Information Security Specialist
Manila, Metropolitan Manila
Trustwave
Posted today
Job Viewed
Job Description
As a recognized global cyber defender that stops cyber threats all day, every day - we enable our clients to conduct their business, securely.
Trustwave detects threats that others can’t see, enabling us to respond quickly and protect our clients from the devastating impact of cyberattacks. We leverage our world-class team of security consultants, threat hunters and researchers, and our market-leading security operations platform, to relentlessly identify and isolate threats with the right telemetry at the right time for the right response.
**The Role**:
The **Information Security Specialist** function provides a single point of contact for all security-related activities for designated customer accounts, and takes a key role by providing hands-on guidance in the development and implementation of security reporting functions as related to designated accounts. The Information Security Specialist function possesses a combination of skills including: security reporting, general security expertise and project management skills.
**Responsibilities**:
- Manage day-to-day operations of Tenable or other vulnerability management tools. Ensure that all of the various environments within Customers have adequate scans and assessments performed. Work with technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated in a timely manner.
- Research and recommend emerging security technologies/tools to address current and future threats relevant to the environment
- Participate in security incident response process when required.
- Develop a vulnerability reporting framework to communicate key data points vertically and horizontally.
- Provide a single point of contact to the account management and delivery teams for all operational security related reporting for the customer account.
- Oversee the implementation and management of operational security reporting activities.
- On a regular weekly basis, meet with the account team to review security reports, status, review any risks, issues, incidents, and outstanding activities.
- Provide security-related education to ensure security awareness and knowledge of customer applicable security policies and processes to internal teams. Answers questions and concerns regarding customer applicable security policies and processes.
- Ensure that opportunities to improve security are identified.
- Offer executive-level presentations for the account or client management and proactively keep Trustwave senior leadership abreast of all account concerns.
**Skills and Knowledge Requirements**:
Must have advanced skills/knowledge in several of the following areas:
- Information Security Operations
- PCI DSS Compliance
- Demonstrated Project Management Engagements
- Software Development Lifecycle
- Routers and access control devices
- Unix / Linux operating systems
- TCP/IP networking
- Intermediate Knowledge of Common Technologies (SIEM, WAF, IDS, IPS, IVS, Endpoint Security)
**Desired experience**:
- ** Must have** hands on Vulnerability Management tool experience such as Qualys/ Tenable/ Rapid 7 with at least 2-3 years of experience. 5 years of overall security industry experience is preferable.
- Excellent customer service skills
- Excellent analytical thinking and problem solving skills
- Strong communication skills
- Self-managed/directed and team oriented
- Strong project management skills
- Deadline and detail oriented
- Highly self-motivated
**Why join us?
Trustwave detects threats that others can’t see, enabling us to respond quickly and protect our clients from the devastating impact of cyberattacks. We leverage our world-class team of security consultants, threat hunters and researchers, and our market-leading security operations platform, to relentlessly identify and isolate threats with the right telemetry at the right time for the right response.
**The Role**:
The **Information Security Specialist** function provides a single point of contact for all security-related activities for designated customer accounts, and takes a key role by providing hands-on guidance in the development and implementation of security reporting functions as related to designated accounts. The Information Security Specialist function possesses a combination of skills including: security reporting, general security expertise and project management skills.
**Responsibilities**:
- Manage day-to-day operations of Tenable or other vulnerability management tools. Ensure that all of the various environments within Customers have adequate scans and assessments performed. Work with technology owners and platform leads to ensure vulnerabilities and issues are patched and remediated in a timely manner.
- Research and recommend emerging security technologies/tools to address current and future threats relevant to the environment
- Participate in security incident response process when required.
- Develop a vulnerability reporting framework to communicate key data points vertically and horizontally.
- Provide a single point of contact to the account management and delivery teams for all operational security related reporting for the customer account.
- Oversee the implementation and management of operational security reporting activities.
- On a regular weekly basis, meet with the account team to review security reports, status, review any risks, issues, incidents, and outstanding activities.
- Provide security-related education to ensure security awareness and knowledge of customer applicable security policies and processes to internal teams. Answers questions and concerns regarding customer applicable security policies and processes.
- Ensure that opportunities to improve security are identified.
- Offer executive-level presentations for the account or client management and proactively keep Trustwave senior leadership abreast of all account concerns.
**Skills and Knowledge Requirements**:
Must have advanced skills/knowledge in several of the following areas:
- Information Security Operations
- PCI DSS Compliance
- Demonstrated Project Management Engagements
- Software Development Lifecycle
- Routers and access control devices
- Unix / Linux operating systems
- TCP/IP networking
- Intermediate Knowledge of Common Technologies (SIEM, WAF, IDS, IPS, IVS, Endpoint Security)
**Desired experience**:
- ** Must have** hands on Vulnerability Management tool experience such as Qualys/ Tenable/ Rapid 7 with at least 2-3 years of experience. 5 years of overall security industry experience is preferable.
- Excellent customer service skills
- Excellent analytical thinking and problem solving skills
- Strong communication skills
- Self-managed/directed and team oriented
- Strong project management skills
- Deadline and detail oriented
- Highly self-motivated
**Why join us?
This advertiser has chosen not to accept applicants from your region.
9