879 IT Security Specialists jobs in the Philippines

As the
AVP for Internal Audit and Regulatory Response,
you will help sustain the operational requirements of the Security and Architecture Group (SAG) - MNL Governance, Risk and Compliance, including the Audit and Controls Assurance function. Currently, these responsibilities are being handled full-time by one person and part-time by the SAG MNL Head. With the addition of a new permanent staff member, we are expanding our capacity to focus more deeply on regulatory compliance and advisory efforts.

How You'll Make an Impact

• Assists the Cybersecurity Manager in preparing regular reports to Management, including internal controls assessments, analysis of newly released Information Security or Cybersecurity regulations, and policy compliance with Head Office and regional standards for the MNL Branch.
• Supports in monitoring control programs and remediation activities and help coordinate internal and external system and information security audits.
• Help maintain IS policies and procedures and assist in administering reviews related to overall system security compliance programs.
• Conduct assessments to identify potential risk and root causes of ineffective IS controls and provide actionable recommendations for resolution.
• Perform other duties as assigned by GPAPD Management and Cybersecurity Manager, as needed.

What Sets You Apart

• Graduate of Computer Science, Accountancy, or related course
• Solid understanding and hands-on experience with Identity Access Management (IAM)
• Brings at least 5 years of experience in Information Security, Technology Risk, or Operational Risk
• Upholds ethical business practices, doing the right thing while ensuring full compliance with internal controls and legal/regulatory standards
• Strong problem-solving skills and can adapt quickly when demands and priorities shift
• You use relevant information to make sound, informed recommendations
• You collaborate well with others and communicate effectively across teams and cultures
• You're open-minded and flexible in your interactions with others
• You have a good aptitude for learning and mastering new technology
• Oral and written communication skills are clear, professional, and effective

JOB SUMMARY

ICT Information Security Specialist ensures Miescor United's ICT Systems and Infrastructure are consistently in compliance with key applicable standards, policies and procedures in terms of Business Continuity/Disaster Recovery and Information Security The Ruska and Information Security Associate shall assist in the development, implementation and maintenance of Miescor United ICT Risk and Management and InfoSec Program including self-test of critical ICT processes/controls to provide proactive resolutions.

KEY RESPONSIBILITIES

• Develop, organize and facilitate the activities of the work plan, identify and collate inputs, identify and study references, facilitate resolution of issues and contribute to the development, enhancement, update and implementation of framework, policies, guidelines, processes, procedures and standards on ICT Risk Management, Disaster Recovery, Business Continuity and Information Security
• Perform regular compliance audit on the established policies, guidelines, processes and procedures on ICT Risk Management, Disaster Recovery, Business Continuity and Information Security
• Develop and maintain an ICT Risk Registry
• Establish, operate and administer the Information Security management tools and systems
• Identify, gather and process data and information of actual and imminent Information Security breaches, perform resolution and establish corrective and preventive actions
• Contribute in the development and management of compliance on established through the conduct of periodic audit
• Ensure that security and business continuity concerns are adequately addressed in all systems and processes
• Participate and contribute to the continuous improvement program on processes, tools and work practices

JOB QUALIFCATIONS

• With Bachelor's Degree in Electronics, Computer Engineering, Computer Science, Information Technology
• With an experience in Identity Access Management
• With Project Management background

Company Description

Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.

There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

Job Description

Job Brief

The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company's systems of internal controls that guide company activities toward accomplishing key business objectives.

Duties and Responsibilities

• Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
• Perform test of design and operating effectiveness of controls
• Effectively communicate audit results to management
• Work with stakeholders to develop actions plans that address root cause of findings
• Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
• Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
• Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
• Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
• Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.

Qualifications

Minimum Requirements

• Bachelor's degree in management information systems, computer science, accounting, finance, or other IT related fields is required
• 2-4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
• Must have strong verbal and written communication skills; fluency in English is required
• Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
• Ability to travel up to 30% including international travel (valid passport required)
• Professional certifications (e.g., CIA, CISA, CISSP) are preferred

Additional Information

Shift schedule: Morning shift (9AM to 6PM)

About AECOM

AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.

AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients' complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at

What makes AECOM a great place to work

You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you'll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you've always envisioned. Here, you'll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.

As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.

We're Hiring: Cyber Security Access Management – Supervisor

Location:
Compliance Management Center

Division:
Access Management

Reports To:
Cyber Security Access Management – Manager

Supervises:
Cyber Security Access Management – Analyst

Are you ready to lead the charge in safeguarding digital identities and access? Join our Cyber Security Operations Group as an Access Management Supervisor and play a pivotal role in shaping and enforcing access governance across the organization. If you're passionate about identity and access management (IAM), process improvement, and cross-functional leadership, this is your opportunity to make a real impact.

What You'll Do

• Own and develop user access management processes, aligning with both company and industry best practices.
• Lead the implementation and enforcement of access management policies and procedures.
• Ensure timely, accurate, and complete submission of access-related reports.
• Coordinate and engage with key stakeholders (IAOs/IACs, UAM teams) and participate as a subject matter expert in audits.
• Oversee technology implementation for access, authentication, and authorization (IAM, PAM, Access Workflow, MFA, etc.).
• Research, evaluate, and integrate new access management technologies; automate manual processes where feasible.
• Maintain comprehensive documentation for access governance, compliance, and risk management.
• Conduct regular knowledge-sharing sessions and awareness campaigns.
• Supervise and mentor Access Management Analysts.

What You Bring

• Education:
  Bachelor's degree in Computer Science, Computer Engineering, IT, MIS, or any 4–5-year IT-related course.
• Experience:
  5–7 years in IT security and/or risk management, with hands-on experience in access, authentication, authorization, and identity technologies (IAM, PAM, MFA, etc.).
• Skills:
• Business and technical writing
• Security risk management
• User and privilege access management
• Identity and profile management
• Project management and resource planning
• Strong communication and technical writing skills (intermediate level)
• Certifications:
  CISA, CISM, CRISC, CISSP, or any IT security-related certification (required). Project management certification/training is a plus.
• Attributes:
  Critical thinking, initiative, cross-functional collaboration, and the ability to manage multiple projects and stakeholders.

What Success Looks Like

• Timely updates and documentation of access management policies, standards, and processes.
• Effective compliance and risk management, including audit resolution and gap closure.
• High stakeholder engagement and accountability.
• Successful delivery of access management projects and continuous process improvements.

Why Join Us?

This is more than a supervisory role—it's a mission to protect our digital ecosystem. You'll lead a team, drive innovation, and ensure that only the right people have the right access at the right time. If you're ready to take your career to the next level in cybersecurity leadership, we want you on our team.

Apply now and help us secure the future of digital access.

JOB TITLE: Information Security Manager

Location: Alabang, Muntinlupa City

Position Type: Full Time

Work Set up:  Onsite daily; Fixed weekends off

Schedule:General shift

Start Date:ASAP

Salary Package: 80, ,000 +10,000 allowances

Experienced IT Security and Compliance professional with over six years of experience in a similar role, including two years in a leadership capacity. Possesses strong knowledge of industry security standards and regulatory frameworks such as ISO 27001, NIST, ITIL, PCI-DSS, HIPAA, and GDPR. Demonstrates a deep understanding of the business risks and impacts associated with non-compliance, ensuring security practices align with both regulatory and operational goals.

• Lead the development, implementation, and maintenance of IT security policies and compliance programs.
• Ensure adherence to relevant security standards such as ISO 27001, NIST, and other regulatory requirements.
• Monitor compliance with frameworks including PCI-DSS, HIPAA, and GDPR across all IT operations.
• Conduct risk assessments and internal audits to identify vulnerabilities and ensure proper mitigation strategies.
• Provide guidance and training to teams on security and compliance best practices.
• Collaborate with cross-functional teams to address security gaps and improve compliance posture.
• Stay updated on emerging regulations and industry trends to proactively address potential compliance issues.
• Serve as a key point of contact during external audits and regulatory reviews.

• Minimum of 6 years of experience in IT security or compliance, with at least 2 years in a leadership or supervisory role
• Strong knowledge of security frameworks and standards such as ISO 27001, NIST, and ITIL
• Deep understanding of regulatory requirements including PCI-DSS, HIPAA, GDPR, etc.
• Solid grasp of the business and operational risks related to non-compliance
• Experience conducting risk assessments, audits, and implementing corrective action plans
• Excellent problem-solving, communication, and stakeholder management skills
• Bachelor's degree in Information Security, Computer Science, Information Technology, or related field (Certifications such as CISM, CISA, or CISSP are a plus)

About the role

Dumaguete Bank is seeking an experienced Information Security Officer to join our dynamic team in Dumaguete City, Negros Oriental. As the Information Security Officer, you will play a crucial role in ensuring the security and protection of our organisation's sensitive data and IT infrastructure. This full-time position is an excellent opportunity for a security professional to make a meaningful impact within a forward-thinking financial institution.

What you'll be doing

The Information Security Officer (ISO) will be responsible for aligning security initiatives with business objectives, ensuring that our banking operations are secure and compliant with statutory standards while meeting customer needs and maintaining high security standards across the Bank.

• Formulate the ISSP and ISP for approval by the Board and Senior Management and implement and manage the duly‐approved ISSP and ISP.
• Develop policies and procedures for access onboarding, modifications and offboarding across systems and monitor its execution and oversee the provisioning and deprovisioning of user access to enterprise and production applications and systems. Review and approve access requests and role-based access control matrices.
• Coordinate and work with IT Unit and officer across different departments to ensure that information security requirements support business needs and security systems and processes are working as intended.
• Monitor and enforce compliance with the ISP and the corresponding policies, standards and procedures across the organization and conduct security awareness and training programs catered to different sets of stakeholders.
• Educate, inform, and report to the Board and Senior Management relevant information security issues and concerns.
• Ensure that security controls and processes are embedded throughout the lifecycle of information, systems, applications, products and services.
• Conduct and assist in the effective implementation of information security incident response plan and assist in ensuring regulatory compliance and adherence to information security‐related laws, rules and regulations.

Key Responsibilities

• Strategic Alignment: Align security initiatives with business goals and objectives, ensuring that security measures support the overall mission of the Bank. Advocate for information security best practices and risk management solutions to enhance the Bank's overall security posture.
• Risk Management: Identify, assess, and mitigate security risks associated with banking operations. Develop and implement risk management strategies to protect sensitive information.
• Policy Development: Develop and enforce security policies, standards, and procedures to ensure compliance with international regulations and industry best practices.
• Security and Business Integration: Work closely with units, IT, and other stakeholders to integrate security into all aspects of the Bank's operations. Provide guidance and support to ensure security is considered in all business decisions. Act as a bridge between technical and business teams, ensuring alignment and smooth integration.
• Training and Awareness: Drive security awareness initiatives across the bank to foster a security-conscious culture
• Continuous Improvement: Continuously monitor the effectiveness of security measures, identify gaps, and recommend improvements. Work with internal teams to develop innovative solutions to enhance security across business operations.

What we're looking for

• Minimum of 2 years of experience in information security, ideally in the banking or financial services industry
• Strong technical expertise in security technologies, such as firewalls, intrusion detection/prevention systems, and identity and access management
• Proficiency in security risk assessment, vulnerability management, and incident response
• Excellent problem-solving, analytical, and critical thinking skills
• Strong communication and stakeholder management abilities
• Relevant certifications, such as CISSP, CISA, or CISM, are highly desirable but not required
• Tertiary degree in Computer Science, Information Technology, or a related field

If you are passionate about information security and ready to take on a challenging and rewarding role, we encourage you to apply now.

OPENTEXT - THE INFORMATION COMPANY

OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation.

AI-First. Future-Driven. Human-Centered.

At OpenText, AI is at the heart of everything we do—powering innovation, transforming work, and empowering digital knowledge workers. We're hiring talent that AI can't replace to help us shape the future of information management. Join us.

The Opportunity:

The Manager, Security Operation Center is a member of the Information Protection Center team reporting to the Sr. Manager, Information Security. This position works across Corporate and Production teams to ensure the successful implementation of security tools, services, and technology. The Security operations center manager provides oversight and management of the SOC including security operations management and security incident response, incident detection and analysis, containment, and eradication of cybersecurity incidents. This position will manage resources, priorities, and internal projects, and manage the team directly when responding to business-critical security incidents. Ideally, this role will 8-5pm eastern standard time.

You Are Great At:

• Defining, managing, and implementing a comprehensive SOC service
• Be a leader in the expansion and growth of the SOC
• Lead the response to significant Security incidents, ensuring the SOC teams effective response
• Collaborate with client technical teams for issue resolution and mitigation
• Organizing and prioritizing assessments of security controls and services to ensure accurate coverage reporting and identification of coverage gaps
• Review personnel resources daily to assess workload and quality of work
• Coordinate with Incident Response, Threat Intelligence and Threat Hunting teams to create post-incident feedback loop to educate SOC analysts and enhance detection capability
• Implementing tools and processes to automate and visualize security metrics, reporting, and dashboards for varying audiences
• Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities
• Interfacing with internal audit and compliance teams to produce required security artifacts
• Overseeing technical coordination/project management for security initiatives, projects, and integration of security tools and services
• Coordinating risk assessments for requested deviation to security policy/controls
• Security monitoring, managing security cases& tickets, security incident analysis, and other security tasks.
• Responding to incidents varying from endpoint to server systems
• Researching security advisories, e.g., CERT, and delivering appropriate course of action
• Creating documentation to ensure all team members can perform required tasks
• Creating meaningful and detailed metrics based on security events or activities
• Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
• Optimizing day-to-day shift resources and needs
• Ensuring appropriate staffing and coverage for assigned shifts
• Managing and communicating up effectively to leadership regarding staffing needs, events that occurred, etc

What It Takes:

• Creating and refining metrics to articulate and measure SOC performance.
• Knowledge and experience managing a SOC and security operations
• Experience in a delivery, operational or security program management role and previous experience in a leadership or supervisory role
• Demonstrated experience generating metrics to measure service and program effectiveness
• Understanding of compliance frameworks, like PCI, ISO 27001, NIST, etc.
• Excellent analytical skills, troubleshooting and problem solving
• Must be able to work in a fast paced and changing environment while handling multiple tasks, priorities, and directives. Capable of working under pressure.
• Excellent English writing and verbal communication skills
• BS in Computer Science, Cyber Security, or Information Security preferred
• 7+ years of information security experience
• 4+ years of experience working in a Security Operations Center
• 3+ years of experience managing a Security Operations Center
• CISSP, CISA, CISM, or other industry certifications preferred

OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws.

If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us Our proactive approach fosters collaboration, innovation, and personal growth, enriching OpenText's vibrant workplace.

Information Security Engineer III

Experience Level:
 5+ years

About the Role

We're looking for a highly skilled 
Information Security Engineer
 to strengthen and scale security across our cloud, application, and enterprise environments. In this role, you'll:

• Lead secure SDLC practices and embed security into every stage of the development lifecycle.
• Drive threat modeling, vulnerability management, and detection engineering.
• Operate and optimize key security platforms (EDR, DLP, SIEM, Email Security).
• Strengthen cloud and Microsoft 365 security, while ensuring enterprise resilience.

Key Responsibilities

Application & Cloud Security

• Integrate security into design, development, and deployment workflows.
• Conduct threat modeling and architecture reviews.
• Secure cloud platforms (AWS, Azure, Microsoft 365) through identity controls, hardening, and policy enforcement.

Security Platform Operations

• Operate and monitor EDR/XDR, DLP, SIEM, and email security platforms.
• Ensure tools are tuned, integrated, and delivering actionable insights.

Security Monitoring & Response

• Support day-to-day monitoring and incident investigations.
• Lead triage, containment, and remediation of threats.
• Contribute to detection tuning, post-incident reviews, and process improvements.

Threat & Vulnerability Management

• Identify, assess, and remediate vulnerabilities across endpoints, infrastructure, and cloud.
• Support patching strategy, scanning, and threat intel correlation.

Endpoint & Infrastructure Hardening

• Implement secure configurations for Windows/Linux endpoints, servers, and network appliances.
• Align with CIS benchmarks and industry best practices.

Detection Engineering & Risk Management

• Build and tune detection logic in SIEM/XDR platforms.
• Collaborate across teams to reduce false positives and improve fidelity.
• Contribute to business continuity and disaster recovery planning.

Qualifications

• 5+ years of progressive experience in information security (application, cloud, infrastructure).
• Strong experience managing and securing 
  cloud platforms
   (AWS, Azure, Microsoft 365).
• Hands-on expertise with 
  security tools
  : EDR/XDR, DLP, SIEM, email security, vulnerability scanners.
• Knowledge of 
  secure SDLC, application security testing, DevSecOps
   practices.
• Familiar with 
  IAM, zero trust, and conditional access
   frameworks.
• Exposure to 
  threat modeling methodologies
   (STRIDE, MITRE ATT&CK).
• Understanding of 
  compliance standards
   (NIST, ISO 27001, GDPR, SOC 2, PCI-DSS).

Why Join Us?

• Work on 
  high-impact security initiatives
   that safeguard financial systems worldwide.
• Grow with us through 
  certifications, training, and clear career pathways
  .
• Collaborate with 
  smart, driven colleagues
   solving complex security challenges.
• Thrive in a 
  hybrid setup
   (2x per month onsite) with a focus on trust and flexibility.
• Be part of a 
  Great Place to Work-certified company
   that values people, not just output.

Note on Data Privacy

By applying, you consent to the use of your personal data for recruitment purposes. Data may be shared with third-party services and our parent company, ETS London, for recruitment and assessment. For questions, contact our 
DPO at 
.

Responsibilities:

• Actively monitor, detect, and respond to security alerts and incidents per defined SLA.
• Incidents are acknowledged and responded to within the agreed response SLO
• Perform alert triage and analysis including asset and custodian identification, reputational checking, and alert validation
• Perform containment and eradication within the agreed response SLO
• Ensures resolution of incidents within the defined SLOs
• Utilize IR toolsets such as ServiceNow, EAS, IPS, WAF, NAC, Firewall etc
• Timely submission of Operational Performance reports/dashboards/value reports for consumption of management

Qualifications:

• Bachelor's degree of Information Technology, Computer Science, Computer Engineering
• At least 1-2 years' work experience in Incident Response
• Knowledgeable in Security Monitoring and Service Management Tools