34 Information Security jobs in the Philippines
Information Security Senior Auditor
Posted today
Job Viewed
Job Description
**Work with Us. Change the World.**
At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.
There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.
We're one global team driven by our common purpose to deliver a better world. Join us.
**Job Description**
**Job Brief**
The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company's systems of internal controls that guide company activities toward accomplishing key business objectives.
**Duties and Responsibilities**
+ Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
+ Perform test of design and operating effectiveness of controls
+ Effectively communicate audit results to management
+ Work with stakeholders to develop actions plans that address root cause of findings
+ Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
+ Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
+ Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
+ Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
+ Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.
**Qualifications**
**Minimum Requirements**
+ Bachelor's degree in management information systems, computer science, accounting, finance, or other IT related fields is required
+ At least 4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
+ Must have strong verbal and written communication skills; fluency in English is required
+ Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
+ Ability to travel up to 30% including international travel (valid passport required)
+ Professional certifications (e.g., CIA, CISA, CISSP) are preferred
**Additional Information**
**About AECOM**
AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients' complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle - from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.
**What makes AECOM a great place to work**
You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you'll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you've always envisioned. Here, you'll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
**ReqID:** J
**Business Line:** Geography OH
**Business Group:** DCS
**Strategic Business Unit:** GBS
**Career Area:** Finance
**Work Location Model:** Hybrid
Info Security Risk Consultant - IT or IS Compliance and Audit

Posted 2 days ago
Job Viewed
Job Description
Build out the Regulatory and Policy team and will support the expansion of coverage for NYDFS/HIPPASR and EIRA including addition of 34 legal entities and 1500+ applications, as well as the alignment of UHG policy to standard framework.
**Primary Responsibility:**
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ Undergraduate degree or equivalent experience
+ College degree in Information Systems or similar
+ 5+ years of experience in IT audit, risk governance, or risk assessment
+ Experience working with risk assessment frameworks such as HIPAA, NIST, HITRUST, etc.
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Optum is a drug-free workplace. © 2025 Optum Global Solutions (Philippines) Inc. All rights reserved._
Principal Info Security Engineer

Posted 2 days ago
Job Viewed
Job Description
**Primary Responsibilities:**
+ Analyze, remediate, and approve firewall rules/policies in accordance with enterprise established standards and compliance requirements.
+ Making critical decisions on enterprise security policies
+ Utilizing the security monitoring tools to support audits (Ex: AlgoSec)
+ Reporting and reviewing the compliance status and taking remediation actions
+ Determine the severity and complexity of issues pertaining to the security and protection of systems data, (autonomously or as part of a team) to ensure the protections, conservation and accountability of proprietary, personal, or privileged electronic data
+ Collaborate with director, managers, and other technical personnel to ensure mitigation of security risks pertaining to the company
+ Defines, implements, audits, and maintains firewall security policies
+ Promote the development of innovative approaches and solutions to complex problems and issues
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ 7+ years of Palo Alto Firewall experience
+ 5+ years of Cloud Security experience
+ 5+ years of Security Architect experience
+ 5+ years of Firewall rule/policy compliance and governance experience
+ 5+ years of Firewall rule analysis and remediation experience
+ Proven communication skills for team and customer engagement
+ Proven team player
**Preferred Qualifications:**
+ Splunk experience
+ AlgoSec experience
+ Proven leadership skills
**Other Requirements**
+ Needs to work 40+ hours per week
+ Required shift will be 8-5 CST
+ Needs to meet RTO requirements
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Optum is a drug-free workplace. © 2025 Optum Global Solutions (Philippines) Inc. All rights reserved._
Senior Research Scientist - Network Security

Posted 2 days ago
Job Viewed
Job Description
Senior Research Scientist - Network Security
**About** **Trellix:**
**Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work.** Our comprehensive, GenAI-powered platform helps organizations confronted by today's most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions.
We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at .
**_Role Overview:_**
We are looking for a Senior Research Scientist to help us build and expand
Trellix Network Detection and Response. The ideal candidate is someone who is passionate about solving real problems by turning cutting edge research into operational production solutions. In this role, you will focus on analyzing network-based attacker behavior and develop innovative solutions to address emerging challenges in the field of networking.
**Responsibilities:**
+ Research attacker methodologies and develop innovative solutions to identify detection solutions
+ Knowledge on how machine learning can be applied in networking problems
+ Perform data analysis to measure efficacy and identify methodologies to improve existing solutions
+ Forward Looking Research - Researcher will help develop leading edge prototypes to solve emerging challenges.
+ Threat Analytics - Leverage threat intelligence from different sources, identify patterns to co-relate and establish the origin and flow of attacks.
+ Drive roadmap for detection efficacy and network research operation
**Requirements:**
+ Total 8 to 14years experience with at least three years direct or equivalent experience in areas of network-based threats and other aspects of cyber attacks.
+ Strong understanding of networking protocols (e.g., TCP/IP) and network architecture.
+ Proficiency in programming languages such as Python, C++, or Java.
+ Knowledge of cybersecurity principles and practices
+ Strong analytical, problem-solving, and communication skills
**Preferred:**
+ Hands-on reverse engineering and knowledge of operating system internals.
+ Red teaming experience on various techniques
+ Machine learning experience
**Additional Qualifications**
Above all, the right passion and attitude to solve new challenges
**_Company Benefits and Perks:_**
We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
+ Retirement Plans
+ Medical, Dental and Vision Coverage
+ Paid Time Off
+ Paid Parental Leave
+ Support for Community Involvement
We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Senior Manager, SAP Basis Security Governance

Posted 2 days ago
Job Viewed
Job Description
MANILA NET PARK OFFICE
Job Description
We are seeking a highly skilled and experienced professional to assume the role of Senior Manager, SAP Basis Security Governance. In this strategic position, you will support our SAP systems' "second line of defense" activities, ensuring compliance, risk management, vulnerability management, and control effectiveness across the entire SAP ecosystem, including the platform, database, and operating system. You will be responsible for establishing P&G's SAP Security Risk and Compliance Management framework, including controls monitoring and automation. Your expertise will be crucial in maintaining the integrity of our SAP landscape and supporting the organization's overall risk management framework. The SAP Security Governance Team oversees, assesses, and manages risk and compliance activities, develops and deploys the Risk and Compliance Management framework, and serves as an expert in the SAP Risk and Compliance domain.
In your role, you will govern key access management, technology controls, hardening, business continuity, resilience, and cybersecurity efforts in collaboration with the Director of SAP Security Second Line of Defense. You will play a critical role in ensuring the integrity, confidentiality, and availability of our SAP systems by governing the design and implementation of robust security measures, managing SAP vulnerabilities, and ensuring compliance with relevant regulations and standards. Additionally, you will help develop vulnerability remediation and risk management processes, help establish SAP security baseline and oversee its implementation. This role requires strategic partnerships with first line of defense teams, internal stakeholders, and external partners to design, adopt, and integrate effective controls while promoting control automation. The ideal candidate will possess in-depth working knowledge of Basis architecture, industry trends, standards, and proficiency with the latest cybersecurity tools and processes, contributing to a secure and efficient SAP environment that supports our business processes and objectives.
Job Responsibilities
+ Provide technical governance and is responsible for reviewing and further evolving best practices, polices, standards, framework, guidelines and approach
+ Contributes to IT project governance reviews and provides the necessary application governance in support of our standards
+ Support the SAP Security Strategy and Governance Framework on an operational level, acting as both a controls framework specialist and control monitoring / automation tool specialist, supporting security related tasks across lines of defense
+ Support the development, deployment, and continuous improvement of SAP risk management strategies and frameworks.
+ Enforce compliance with relevant industry standards, regulations, and internal IT policies related to SAP systems.
+ Work closely with internal audit teams to ensure SAP-related audits are conducted effectively and timely, addressing any findings or deficiencies.
+ Design and implement robust control frameworks for SAP processes, collaborating with process owners and IT teams to ensure controls are practical and effective.
+ Deliver and maintain incident response plans for SAP systems, ensuring the organization is prepared to address potential security breaches or operational disruptions.
+ Establish proper governance to control and proactively spot problems, vulnerabilities, and changes in the underlying systems' risk profile.
+ Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced.
+ Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture.
+ Identify threats, risks, vulnerabilities, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations.
+ Stay up to date with SAP security trends, patches, and vulnerabilities to ensure the protection of SAP environments.
+ Recommend improvements to security policies, role configurations, and user access processes.
+ Foster strong working relationships with various customers, including IT, finance, legal, compliance, and external auditors, to align SAP second line of defense activities with broader organizational objectives.
+ Support Director of SAP Security Governance: Risk and Compliance Management and be a part of a high-performing team responsible for SAP risk management, controls, and compliance activities.
+ Support Director of SAP Security Governance: Risk and Compliance Management communicate risks and outages up to management and across lines of defense for remediation.
Job Qualifications
Required
+ Bachelor's degree in business, Information Systems, or a related field
+ Extensive experience (5+ years) in Audit, risk management, internal controls, compliance, or a related field, focusing on SAP systems.
+ Extensive and broad-based experience and expertise with all stacks of SAP infrastructure and Application stack with demonstrated understanding of SAP Security, Risk, and compliance control within a large and diverse enterprise environment or business community.
+ Knowledge of SAP Automation Tools such as; SAP Focus Run, SAP Solution Manager, Security Weaver, Security Bridge.
+ Solid understanding of SAP processes, modules, and configurations, including ECC, S/4HANA, BTP, SAP Platform Basis, HANA DB, Integration, OS, and related technologies.
+ Proficient in SAP security administration, encompassing OS and HANA database environments, including knowledge of authorization concepts, deployment, and implentation of security controls, conducting audits and vulnerability assessments, alignment to standard methodologies, user management, fix, collaboration with multi-functional teams, and risk mitigation.
Preferred
+ Master's degree preferred in business, Information Systems, or a related field.
+ Ideally, knowledge of the P&G information security framework and the SAP Enterprise Security Control Framework
+ Demonstrable record of accomplishment of leading and managing multi-functional teams, fostering collaboration, and achieving results.
+ Identifying key risks and controls, knowledge of Sarbanes Oxley readiness controls optimization, and configuring controls around security, business process, and within the GRC modules.
+ Knowledge of IT SAP security tools such as code scanners, GRC tools, or tools for SAP SoD monitoring.
+ Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), SAP HANATEC or equivalent are a plus. Experience in working with regulatory requirements and industry standards (e.g., SOX, GDPR) about SAP systems.
+ Knowledge of the NIST cybersecurity framework.
+ Traditional/waterfall and agile project management skills, strong analytical and problem-solving abilities, with keen attention to detail
+ Leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
About us
We produce globally recognized brands and we grow the best business leaders in the industry. With a portfolio of trusted brands as diverse as ours, it is paramount our leaders are able to lead with courage the vast array of brands, categories and functions. We serve consumers around the world with one of the strongest portfolios of trusted, quality, leadership brands, including Always®, Ariel®, Gillette®, Head & Shoulders®, Herbal Essences®, Oral-B®, Pampers®, Pantene®, Tampax® and more. Our community includes operations in approximately 70 countries worldwide.
Visit to know more.
We are an equal opportunity employer and value diversity at our company. We do not discriminate against individuals on the basis of race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, HIV/AIDS status, or any other legally protected factor.
Job Schedule
Full time
Job Number
R
Job Segmentation
Experienced Professionals (Job Segmentation)
Security Engineer I

Posted 2 days ago
Job Viewed
Job Description
The Security Engineer I is an entry-level position and will perform tasks centered on network environments.
SOC Security Engineer I
Responsibilities
Will be part of SOC team, building experience while leveraging the team's expertise to accelerate learning and understanding of the SOC and Information Security. The role will protect IT infrastructure from a range of cyber threats. Monitor networks and systems, detect security threats ('events'), analyze and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity.
+ Monitor and respond to security alerts generated by technologies such as SIEM, IDS, EDR or security reports sent directly to the information security mailboxes within a given SLA
+ Performing triage, in-depth analysis and investigation as guided by processes and playbooks
+ Assist with incident response and post incident reviews
+ Respond to security related service requests
+ Conduct security investigations using historical data
+ Conduct investigations with a wide range of data sets across multiple customer environments
+ Develop and maintain a strong relationship with the client, IT and Information Security teams.
Requirements
+ Bachelor's Degree holder
+ Excellent communication skills
+ Ability to work on a shift rotation, including working regular weekends and nightshifts
+ a passion for cyber security and a keen interest in IT
+ an understanding of the cyber security risks associated with various technologies and ways to manage them
+ a good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
+ analytical and problem-solving skills to identify and assess risks, threats, patterns and trends
+ verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
+ written communication skills, for example to write technical reports
+ excellent attention to detail
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
Security Engineer I

Posted 2 days ago
Job Viewed
Job Description
Will be part of SOC team, building experience while leveraging the team's expertise to accelerate learning and understanding of the SOC and Information Security. The role will protect IT infrastructure from a range of cyber threats. Monitor networks and systems, detect security threats ('events'), analyze and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity.
+ Monitor and respond to security alerts generated by technologies such as SIEM, IDS, EDR or security reports sent directly to the information security mailboxes within a given SLA
+ Performing triage, in-depth analysis and investigation as guided by processes and playbooks
+ Assist with incident response and post incident reviews
+ Respond to security related service requests
+ Conduct security investigations using historical data
+ Conduct investigations with a wide range of data sets across multiple customer environments
+ Develop and maintain a strong relationship with the client, IT and Information Security teams.
Requirements
+ Bachelor's degree holder
+ Excellent communication skills
+ Ability to work on a shift rotation, including working regular weekends and nightshifts
+ a passion for cyber security and a keen interest in IT
+ an understanding of the cyber security risks associated with various technologies and ways to manage them
+ a good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
+ analytical and problem-solving skills to identify and assess risks, threats, patterns and trends
+ verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
+ written communication skills, for example to write technical reports
+ excellent attention to detail
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
Be The First To Know
About the latest Information security Jobs in Philippines !
Data Privacy Compliance Analyst

Posted 2 days ago
Job Viewed
Job Description
To support the business in its efforts to integrate Compliance-by-Design into our business-as-usual practices, the RX Global Privacy Office have developed the Compliance Shared Service Centre to support the business in the completion of the various compliance, procurement and legal processes linked to the procurement of a new vendor or the development of internal tools / services.
Accountabilities:
+ To manage the global inbox of external privacy enquiries, ensuring that enquiries are quickly and accurately categorised by jurisdictional requirement and right exercised (assisted by the online form process and ServiceNow configuration);
+ To liaise with the appropriate BU SPOC to collate the relevant information in line with the request, as-well-as the policies, toolkits and templates provided by the Privacy Office;
+ To pull together a draft response / disclosure bundle, including any recommendations for exemptions in line with the relevant legislation, for approval by the relevant BU SPOC and the Privacy Office;
+ To keep accurate, comprehensive and timely case notes on actions taken, personnel contacted and exemptions applied (including justifications);
+ To respond to requests on behalf of each BU within the set timescales (28 calendar days for most jurisdictions);
+ To follow the escalation process set by the Privacy Office where SLAs are not met by BUs;
+ To provide the Privacy Office monthly MI measuring compliance with the various global requirements, broken down by BU (templates provided);
+ To raise any concerns, queries or issues for immediate attention of the Privacy Office; and
+ Assisting in audit reporting processes that are relevant to the above activities;
+ General updates, design flow, enhancements (as necessary) in the systems used
Qualifications:
+ Bachelor's Degree holder (any field)
+ Open to fresh graduates with excellent communication skills
+ Preferably with 1 year of solid experience in Customer Service functions under Technical, Financial, Insurance or the likes
+ Fluency and articulate or can confidently express itself in English
LexisNexis, a division of RELX, is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: , or please contact .
Please read our Candidate Privacy Policy ( .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
Information Security Analyst II

Posted 2 days ago
Job Viewed
Job Description
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
Security Detection Engineer Manager

Posted 2 days ago
Job Viewed
Job Description
**Are You Ready to Make It Happen at Mondelēz International?**
**Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.**
We are seeking a skilled and motivated Security Detection Manager to join our security team. In this role, you will be designing and implementing detection content to identify and mitigate security threats, leading a team of security detection developers, serving as the primary subject matter expert, and actively contributing individually to critical detection initiatives. The ideal candidate will have a strong background in cybersecurity, an in-depth understanding of threat landscapes, and experience with various security technologies and platforms.
**What you will bring**
A desire to drive your future and accelerate your career. You will bring experience and knowledge in:
· Design and develop detection rules and policies to identify cybersecurity threats across a wide range of platforms and technologies.
· Collaborate with security analysts, threat hunt, and threat intelligence to understand emerging threats and devise effective detection strategies.
· Perform continuous monitoring and analysis of the threat landscape to update and refine detection mechanisms.
· Work closely with the incident response team to provide actionable intelligence and improve response capabilities.
· Validate and tune detection content to minimize false positives and ensure high accuracy and efficiency.
· Lead and manage the team responsible for maintaining and enhancing the organization's security detection repository within the SIEM, ensuring it remains up to date with the latest threats and attack techniques.
· Stay abreast of the latest cybersecurity trends, tools, and technologies to continuously improve detection methodologies.
· Help make strategic decisions to address and prioritize security detection gaps and mature the overall security detection program.
**More about this role**
The role requires a blend of technical experience, creativity, leadership, and strategic thinking, making it an ideal fit for someone passionate about making a difference in our security platforms. If you're ready to take on this challenge and contribute to protecting critical assets and information, we want to hear from you.
**Job specific requirements:**
· Bachelor's degree in Computer Science, Information Security, or a related field.
· Advanced degrees or certifications (e.g., CISSP, GCDA, GCFA. GREM, OSCP) are a plus.
· At least 5 years of experience in cybersecurity, with a focus on threat detection, analysis, and incident response, including experience in a lead or managerial capacity.
· Strong knowledge of security information and event management (SIEM) systems, log management solutions, and detection platforms.
· Proficiency in scripting and programming languages such as Python, PowerShell, or Bash.
· Familiarity with attack patterns, tactics, techniques, and procedures (TTPs) used by cyber adversaries.
· Experience with cloud security and understanding of cloud-based threat detection strategies.
· Excellent analytical and problem-solving skills, with the ability to think creatively to develop innovative detection solutions.
· Strong communication and collaboration skills, with the ability to work effectively in a team environment and interact with other departments.
· Demonstrated ability to mentor team members, set strategic direction, and lead by example in technical execution.
No Relocation support available
**Business Unit Summary**
**At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.**
**We have a rich portfolio of strong brands globally and locally including many household names such as** **_Oreo_** **,** **_belVita_** **and** **_LU_** **biscuits;** **_Cadbury Dairy Milk_** **,** **_Milka_** **and** **_Toblerone_** **chocolate;** **_Sour Patch Kids_** **candy and** **_Trident_** **gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.**
**Our 80,000 makers and bakers are located in more** **than 80 countries** **and we sell our products in** **over 150 countries** **around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast.**
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
**Job Type**
Regular
Information Security
Technology & Digital
At Mondelēz International, our purpose is to empower people to snack right through offering the right snack, for the right moment, made the right way. That means delivering a broader range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.
We have a rich portfolio of strong brands - both global and local. Including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the number 1 position globally in biscuits, chocolate and candy as well as the No. 2 position in gum
Our 80,000 Makers and Bakers are located in our operations in more than 80 countries and are working to sell our products in over 150 countries around the world. They are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen, and happen fast.
Join us and Make It An Opportunity!
Mondelez Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact for assistance.