14 Information Security jobs in the Philippines

COMPANY PROFILE: Develop significant traveler supplier ties outside of the United States. Known as one of the country's top travel companies.
br>Position: Information Security Engineer
Company Industry: Travel Industry
Work Location: Makati Site, QC, Alabang, Cebu, and Bacolod
Work Schedule: Flexible Schedule, Rotational Shift
Salary: Php 40,000-60,000
Work Set Up: Onsite/Hybrid

JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Technology, or related fields.
• W th strong verbal and written communication skills, with technical writing experience. < r>• W th relevant certifications is advantage (e.g., CompTIA Security+, GSEC, CEH, CISSP, etc.) < r>• E perience in cloud, network, server and database security < r>
JOB RESPONSIBILITIES:
• O ersee the establishment, dissemination, and regular revisions to CTPI's information security policy. < r>• E sure policies are consistent with developing threats, industry best practices, and standards such as ISO 27001 and SOC 2. < r>• W rk with subject matter experts (SMEs) to identify vulnerabilities in networks, hardware, software, and procedures. < r>• P ovide security solutions and guidance for system and software development in accordance with ISDP policies. < r>• P ovide Level 1 cybersecurity incident response (CIRT), including threat analysis and security event evaluations. < r>• M ke recommendations regarding incident management and mitigation. < r>• P epare and present cybersecurity reports to management. < r>• S ay current on industry developments, technology, and processes to consistently strengthen CTPI's security posture. < r>
RECRUITMENT PROCESS: (ONLINE)
Initial Interview
Technical Assessment
Final Interview
Job offer

URGENT HIRING!
br>FRESH GRADUATES CAN ALSO APPLY!

Our company is looking for Site Acquisition Specialist that can start immediately.

Job Qualifications:
• Graduate of any four-year course. Fresh Graduates are welcome to apply (with experience is an advantage) < r>• Computer literate – MS/Excel/Power Point.
• Willing to render overtime if needed. < r>• Willing to do fieldwork and other duties assigned. < r>• Willing to undergo trainings (2 weeks) < r>
Site: NCR

Job Responsibilities:
• Conduct survey and proper joint technical survey document. < r>• Secure and coordinate with building/lot owner as to the rental and contract execution, government permits and licenses.

JOB DETAILS :
COMPANY PROFILE: A company which is a provider of healthcare technology that offers hospitals, health systems, and other healthcare providers. br>
Position: SOC Analyst
Company Industry: Healthcare & Medical industry
Work Location: Quezon City
Work Schedule: Night Shift / Rotating Schedule
Salary: Php 60,000–Php100,000 gross < r>Work Setup: Hybrid (4 days onsite, 1 day remote)

BENEFITS :
-Government Mandated Benefits
-Insurance
-13th Month Pay
-SL and VL
-Direct employment

JOB REQUIREMENTS:
• 2-4 years of experience in security operations, networking, or related InfoSec roles < r>• Strong knowledge of security, monitoring, and networking tools, protocols, and standards < r>• Experience with Network Security, Firewall Security, and Web Security (WAFs, proxies) < r>• Familiarity with industry standards such as ISO 27001, HIPAA, SOX < r>• Proven ability to investigate, document, and report information security issues < r>
JOB RESPONSIBILITIES:
• Monitor and analyze security incidents across network and systems < r>• Conduct investigations on potential security threats or breaches < r>• Implement and maintain security tools and threat detection systems < r>• Collaborate with teams to enhance the organization’s security posture

RECRUITMENT PROCESS (ONLINE):
• HR Interview < r>• Technical Assessment < r>• Hiring Manager Interview < r>• Job Offer

We’re looking for an experienced IT Security Manager to lead and strengthen our security operations. This role is critical in ensuring our systems, data, and infrastructure remain protected in a fast-evolving threat landscape. You'll be responsible for managing security frameworks, driving compliance initiatives, and leading incident response efforts. If you have a strong grasp of IT risk management, security architecture, and regulatory standards, we want to hear from you.
br>What You’ll Do: < r>Develop and enforce security policies, procedures, and standards across the organization
Manage risk assessments, audits, and compliance activities (e.g., ISO 27001, GDPR, or similar)
Monitor security tools and lead the response to potential threats or incidents
Oversee vulnerability assessments and penetration testing efforts
Collaborate with cross-functional teams to implement secure systems and practices
Keep up with the latest security trends, tools, and best practices
Provide guidance and training to internal teams on cybersecurity awareness

What We’re Looking For: < r>
Proven experience in IT security or cybersecurity leadership roles
Solid understanding of network security, endpoint protection, identity & access management, and cloud security
Hands-on experience with SIEM, firewalls, IDS/IPS, and other security tools
Familiarity with compliance standards and regulatory frameworks (e.g., ISO, NIST, PCI-DSS)
Strong communication and leadership skills
Relevant certifications (e.g., CISSP, CISM, CISA) are a plus
If you’re ready to take the lead on security initiatives and make an impact, apply now. Let’s build a safer digital future together.

_We're looking for an_ **_Information Security Manager, IT Controls GRC_** _to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model._
**Position Responsibilities:**
+ Define and communicate the standard access model for various access level to resources in the Public Cloud service.
+ Own the intake channels including SNOW Process and IaC Pipelines.
+ Manage access authorization for public cloud resources.
+ Perform access review and approval on a daily basis with the committed SLAs.
+ Develop/enhance automation for intake, review, and implementation.
+ Monitor assignment of privileged roles on a daily basis.
+ Discover and remediate deviations from approved access model in the existing environment.
+ Maintain an exception process and tracks temporary elevation of privileges.
**Required Qualifications:**
+ University/College graduate with 5 years of progressive experience related to identity and access management, cloud security
+ Strong security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
+ Strong "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.
+ Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence,
+ **_Amenable to work in UP Ayala Technohub (Quezon City)_**
+ **_Amenable to work in a hybrid set-up (3x a week onsite)_**
+ **_Amenable to work in a fixed night shift schedule_**
**Preferred Qualifications:**
+ Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
+ A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
+ Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
+ Proficient in English, both verbal and written
**When you join our team:**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

_We're looking for an_ **_Information Security Manager, IT Controls GRC_** _to join our ETS Control and Governance team at MBPS. In this role, you are expected to define and maintain a standard access model for cloud resources, review and approve access requests every day within the committed SLA. You will enhance existing automation to make the review and approval task more efficient. Furthermore, you will drive remediation of deviations from the standard access model._
**Position Responsibilities:**
+ Define and communicate the standard access model for various access level to resources in the Public Cloud service.
+ Own the intake channels including SNOW Process and IaC Pipelines.
+ Manage access authorization for public cloud resources.
+ Perform access review and approval on a daily basis with the committed SLAs.
+ Develop/enhance automation for intake, review, and implementation.
+ Monitor assignment of privileged roles on a daily basis.
+ Discover and remediate deviations from approved access model in the existing environment.
+ Maintain an exception process and tracks temporary elevation of privileges.
**Required Qualifications:**
+ University/College graduate with 5 years of progressive experience related to identity and access management, cloud security
+ Strong security mindset, Knowledge and understanding of any industry standard Access Management Framework, Principal of Least Privileged Access, Just-in-Time Access, RBAC and ABAC etc.
+ Strong "automation-first" mindset. Writes automation(s) to streamline common tasks, tests, and workflows.
+ Knowledge of following cloud platforms and Devop tools: Azure, Terraform, Github, GitHub Actions, Python, JIRA, Confluence,
+ **_Amenable to work in UP Ayala Technohub (Quezon City)_**
+ **_Amenable to work in a hybrid set-up (3x a week onsite)_**
+ **_Amenable to work in a fixed night shift schedule_**
**Preferred Qualifications:**
+ Self-driven, able to meet objectives with a minimal amount of managerial oversight/supervision.
+ A team player who can interact with various internal functions such as business unit security officers, security engineers, reliability engineers, DevOps engineers.
+ Advocate constant learning from both success and failure, and encourages openness to change and continuous improvement
+ Proficient in English, both verbal and written
**When you join our team:**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

**_What Information Security and Risk contributes to Cardinal Health_**
Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.
Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.
**JOB TITLE** : Sr. Analyst - Vulnerability Management
Working together, we can make a difference in healthcare for our customers and communities. Your contributions, along with colleagues around the world, are helping make healthcare safer and more productive every day.
**Track/Level** : P2
**Job Family** : Information Security
**What Information Security contributes to Cardinal Health?**
+ We exist to ensure availability, integrity and confidentiality of healthcare infrastructure that safeguards the patient.
+ We promote a culture that protects information assets, manages risk and embeds security in people, process and technology
+ Defines solutions that balance information security requirements against business needs.
+ Investigates and resolves security incidents and recommends enhancements to improve security.
**What is expected of you in this role?**
+ Facilitates the coordination of remediation efforts, prioritizing remediation efforts based on risk.
+ Generate and communicate reporting around remediation efforts
+ Serves as vulnerability management analyst for assigned information systems and computer networks.
+ The individual in this position must be self-motivated and will have the opportunity to serve as a strong contributor in the analysis, coordination, and remediation of system vulnerabilities.
+ Analyzes vulnerabilities and characterizes risk to networks, operating systems, applications, databases, and other information system components.
+ Engages with stakeholders and system owners to facilitate vulnerability discovery through manual review and/or the use of vulnerability scanners.
**Required Qualifications**
+ Familiarity with Understanding of vulnerabilities and remediation techniques
+ Strong written and verbal communication skills with an ability to communicate technical details in a clear and understandable manner
+ Aptitude for data driven storytelling and their respective recommendations
**Preferred Qualifications**
Bachelor's degree in related field
Familiarity with vulnerability management tools (Rapid 7, Nessus, Qualys, etc.)
1+ years' experience in specific domains of information security
CompTIA Security + Certification
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (

Data Loss Prevention Analyst
**Position Title:** **Data Loss Prevention Analyst**
**About Advanced Energy**
Advanced Energy Industries, Inc. (NASDAQ: AEIS), enables design breakthroughs and drives growth for leading semiconductor and industrial customers. Our precision power and control technologies, along with our applications know-how, inspire close partnerships and innovation in thin-film and industrial manufacturing. We are proud of our rich heritage, award-winning technologies, and we value the talents and contributions of all Advanced Energy's employees worldwide.
**Responsibilities**
+ Collaborate with the business to identify improvements in existing technical models geared towards data protection
+ Identify gaps and weaknesses on current alerting platforms and recommend improvements to ensure evolving capabilities
+ Identify gaps and weaknesses on User Behavior Analytics (UBA) and Data Loss Prevention platforms
+ Continually review existing risk scoring models and adjust accordingly to ensure proper focus on significant security events and business needs
+ Identify and define clear metrics and Key Performance Indicators (KPI) surrounding the data protection program's success criteria to be shared at the executive level
+ Work closely with partners in cyber security and business stakeholders to ensure focus on data protection is considered with current and new projects
+ Prepare cases, briefs, and investigative reports for dissemination to executives and partners in legal and human resources
+ Convey security concepts related to information protection, data classification, information labeling, and other related concepts to both technical and non-technical audiences
**Qualifications**
+ Bachelor's degree in computer science, Information Technology, or related field
+ Minimum 1-3 years' of Data classification and tagging experience
+ Minimum 5 - 7 years' work experience in a field related to cybersecurity, data protection, insider threat, counterintelligence, or similar role preferred.
+ Minimum 5 years' Data analytics experience
+ Subject matter expert or lead experience
+ Must have experience with data classification and tagging
+ Strong analytical skills to identify complex security issues and respond at the same level with a technical understanding of when to escalate impacting data security events
+ Excellent oral communication, writing and presentation skills
+ Experience with commercial Data Loss Prevention and User Activity Monitoring (UAM) tools, including configuring alerts, monitoring activity, creating data protection rules, and reporting
+ Self-motivated and capable of independent work while operating in a geographically and culturally diverse peer group
+ Possess functional knowledge and administrative experience on Windows endpoints
+ Awareness of PCI/CISP programs, Security and Operations framework certification preferred
+ Experience conducting data triage of anomalous events collected by UAM and Data Loss Prevention tools and creating new rules or policies to optimize alerting and reporting
+ With experience with the following:
+ Digital Forensics and investigations experience
+ Conducting or leading investigations
+ Counterintelligence investigators or counterintelligence analysts experience with data analytics tools and data bases, graduate of FLETC, DCITA, JCITA, DoD, other US Federal Government, Intelligence Community CI analysis or other formal CI training courses or programs
+ Proofpoint DLP, Zscaler DLP, and Tessian mail security
As part of our total rewards philosophy, we believe in offering and maintaining competitive compensation and benefits programs for our employees in order to attract and retain a talented, highly engaged workforce. Our compensation programs are focused on equitable, fair pay practices including market-based base pay, an annual pay-for-performance incentive plan, we offer a strong benefits package in each of the countries in which we operate.
**Advanced Energy is committed to diversity in its workforce including Equal Employment Opportunity for Minorities, Females, Protected Veterans, and Individuals with Disabilities.**
**We are committed to protecting and respecting your privacy. We take your privacy seriously and will only use your personal information to administer your application in accordance with the RA No. 10173 also known as the Data Privacy Act of 2012.**