1,182 IT Security Specialists jobs in the Philippines

It is the spirit of Bayanihan that drives us to continue our legacy of excellence and commitment to care. As an organization, we achieve our successes through good, honest, and persevering hard work - TOGETHER. It is in this way in which our company was built; we progressed as the country's leading Pharmaceutical company, not by sheer luck, but by pure perseverance, integrity, and brotherhood. Grow with us, and be a part of the Bayanihan spirit.

Role Overview:

• Pushes for vendor's compliance with the company's information security and data privacy policies by performing contract reviews and onsite audit
• Develops consultative relationships with different departments to educate them about risk management and/or implement risk management best practices to prevent or mitigate loss related to data leakage
• Ensures that all committed resolutions of different divisions are monitored, reported and resolved on time
• Leads and conducts security awareness programs and deliver it across the enterprise
• Establishes mandatory policies, minimum standards and/or written guidance related to information security and data privacy best practices.
• Governs projects in order to minimize compliance risks that often results from project plans that does not adhere to a proper security risk assessment. This includes analyzing the business and IT specifications in order to prescribe the appropriate information security controls.
• Represents Information Security in discussions with different stakeholders and extend assistance to educate relevant users on how to comply to the different information security and data privacy policies of the company
• Acts as the project manager for initiatives owned by the Information Security division
• Works with IT and all relevant business stakeholders in addressing security incidents, breaches and different cyber threats reported by the security operations team

Required Qualifications:

• Graduate of Computer Engineering, Computer Science, Information Technology or other relevant science, technical and engineering courses
• With at least 2 years of information security / data privacy practice
• Can easily transition to a fast-paced environment and familiarize himself on business matters that can affect the security posture of the company
• Can communicate, present, and negotiate effectively, with strong command of the English language, both written and oral
• Has a keen eye on details with strong planning and analytical skills
• Knowledgeable in securing Network, Identity Access, Cloud systems, Endpoint devices, web and mobile applications
• Familiarity with security frameworks and privacy regulations (e.g. NIST Cybersecurity framework, CIS-CSC, ISO27001, Data Privacy Act) and risk management methodologies
• Relevant experience in Identity Access Management and Information Security Incident Response handling is a plus.
• Experience in designing and securing cloud platforms hosted in Amazon, Azure and Google

We are committed to providing our employees with the best possible experience. As a LEARNING ORGANIZATION, we are eager to support your development and create the most fitting career path for you. As DESIGNERS AND DRIVERS OF INNOVATION, we are keen to provide you with opportunities to positively transform processes that will intensify business growth. As a NURTURING FAMILY, we are passionate about conducting programs that can promote your wellness, and help you be the best that you can be. As BELIEVERS OF OUR PURPOSE, we are and we will always remain earnest in giving meaningful tasks that will keep you delighted and fulfilled - at work and beyond.

It is the spirit of Bayanihan that drives us to continue our legacy of excellence and commitment to care. As an organization, we achieve our successes through good, honest, and persevering hard work - TOGETHER. It is in this way in which our company was built; we progressed as the country's leading Pharmaceutical company, not by sheer luck, but by pure perseverance, integrity, and brotherhood. Grow with us, and be a part of the Bayanihan spirit.

Role Overview

• Pushes for vendor's compliance with the company's information security and data privacy policies by performing contract reviews and onsite audit
• Develops consultative relationships with different departments to educate them about risk management and/or implement risk management best practices to prevent or mitigate loss related to data leakage
• Ensures that all committed resolutions of different divisions are monitored, reported and resolved on time
• Leads and conducts security awareness programs and deliver it across the enterprise
• Establishes mandatory policies, minimum standards and/or written guidance related to information security and data privacy best practices.
• Governs projects in order to minimize compliance risks that often results from project plans that does not adhere to a proper security risk assessment. This includes analyzing the business and IT specifications in order to prescribe the appropriate information security controls.
• Represents Information Security in discussions with different stakeholders and extend assistance to educate relevant users on how to comply to the different information security and data privacy policies of the company
• Acts as the project manager for initiatives owned by the Information Security division
• Works with IT and all relevant business stakeholders in addressing security incidents, breaches and different cyber threats reported by the security operations team

Required Qualifications

• Graduate of Computer Engineering, Computer Science, Information Technology or other relevant science, technical and engineering courses
• With at least 2 years of information security / data privacy practice
• Can easily transition to a fast-paced environment and familiarize himself on business matters that can affect the security posture of the company
• Can communicate, present, and negotiate effectively, with strong command of the English language, both written and oral
• Has a keen eye on details with strong planning and analytical skills
• Knowledgeable in securing Network, Identity Access, Cloud systems, Endpoint devices, web and mobile applications
• Familiarity with security frameworks and privacy regulations (e.g. NIST Cybersecurity framework, CIS-CSC, ISO27001, Data Privacy Act) and risk management methodologies
• Relevant experience in Identity Access Management and Information Security Incident Response handling is a plus.
• Experience in designing and securing cloud platforms hosted in Amazon, Azure and Google

We are committed to providing our employees with the best possible experience. As a LEARNING ORGANIZATION, we are eager to support your development and create the most fitting career path for you. As DESIGNERS AND DRIVERS OF INNOVATION, we are keen to provide you with opportunities to positively transform processes that will intensify business growth. As a NURTURING FAMILY, we are passionate about conducting programs that can promote your wellness, and help you be the best that you can be. As BELIEVERS OF OUR PURPOSE, we are and we will always remain earnest in giving meaningful tasks that will keep you delighted and fulfilled - at work and beyond.

Education
Bachelor's Degree of Information Technology or any related IT course.

Qualifications
Qualifications

• Proven experience in designing, implementing, and maintaining scalable IAM solutions and platforms
• Expertise in developing and enforcing access control policies and procedures
• Hands-on experience with implementing automated workflows for identity and access requests
• Proficiency in IAM tools such as SailPoint, Microsoft Entra ID, and Aveksa
• Strong background in IAM automation and scripting (e.g., Python, PowerShell, Java), including API integrations
• Familiarity with cloud security and IAM frameworks across Azure, AWS, and Google Cloud environments

Duties And Responsibilities
Role Definition
Plans, designs and implements cybersecurity strategies and solutions to prevent critical damage to the organization brought by cyber-attacks.

Responsibilities

• Develops and implements security controls, systems, remote access solutions, and infrastructure architecture in alignment with defined requirements and guidelines; configures network controls to protect the organization's environment in a timely manner.
• Provides recommendations for security products, services, and procedures to enhance system architecture and security controls; conducts testing and evaluation of new cybersecurity technologies and controls.
• Collaborates with cybersecurity and technology teams to deploy vulnerability mitigations and support integration activities; leverages industry standards and frameworks to identify capabilities and technologies that strengthen cyber defenses across diverse scenarios.
• Implements security systems by defining intrusion detection methodologies and preparing both preventive and reactive measures.
• Reviews security technologies, tools, and services, and provides recommendations to the broader security team based on security, financial, and operational metrics.
• Defines processes and architectures for securing networks, applications, and infrastructure; builds firewalls and implements intrusion detection systems in complex environments.

Role Definition

Plans, designs and implements cybersecurity strategies and solutions to prevent critical damage to the organization brought by cyber-attacks.

Responsibilities

• Develops and implements security controls, systems, remote access solutions, and infrastructure architecture in alignment with defined requirements and guidelines; configures network controls to protect the organization's environment in a timely manner.
• Provides recommendations for security products, services, and procedures to enhance system architecture and security controls; conducts testing and evaluation of new cybersecurity technologies and controls.
• Collaborates with cybersecurity and technology teams to deploy vulnerability mitigations and support integration activities; leverages industry standards and frameworks to identify capabilities and technologies that strengthen cyber defenses across diverse scenarios.
• Implements security systems by defining intrusion detection methodologies and preparing both preventive and reactive measures.
• Reviews security technologies, tools, and services, and provides recommendations to the broader security team based on security, financial, and operational metrics.
• Defines processes and architectures for securing networks, applications, and infrastructure; builds firewalls and implements intrusion detection systems in complex environments.

Qualifications

• Proven experience in designing, implementing, and maintaining scalable
  IAM
  solutions and platforms
• Expertise in developing and enforcing access control policies and procedures
• Hands-on experience with implementing automated workflows for identity and access requests
• Proficiency in IAM tools such as SailPoint, Microsoft Entra ID, and Aveksa
• Strong background in IAM automation and scripting (e.g., Python, PowerShell, Java), including API integrations
• Familiarity with cloud security and IAM frameworks across Azure, AWS, and Google Cloud environments

Skills & Experience

Mandatory

o Knowledge of latest ISO 27001 standard, PCI DSS, and HIPAA.

o Internal and External audit experience of ISO standards ISO 27001.

o Knowledge and audit experience of HIPAA compliance and HITRUST requirements.

o Should have knowledge/hand on experience on working on SOC 2/ HITRUST/PCI DSS,

requirements.

o Should have hands-on experience in VAPT, Vulnerability management, and cyber

security management.

o Should have knowledge of the basic ITGC controls/Information Security.

o Certified Lead Auditor for ISMS and Certified PCI DSS implementor.

o Experience in coordinating with vendors and internal stakeholders for different

compliance and information security tasks.

o Should have knowledge of BCP/DR and conduct BCP tests.

o Experience in handling Risk Management Audits, Risk Registers, BIA processes.

o Knowledge and experience of Risk Management standards i.e. ISO 31000.

o Knowledge and experience of all BCM implementation based on ISO 22301.

o Good written and verbal communication skills.

Desired

o Knowledge of Information Security.

o Knowledge of PCI DSS and VAPT assessments.

o Knowledge of SOC 2, HIPAA and HITRUST Audits.

o Hands on experience of managing BCP incidents.

Job Type: Full-time

Pay: Up to Php130,000.00 per month

Benefits:

• Paid training

Work Location: In person

As the
AVP for Internal Audit and Regulatory Response,
you will help sustain the operational requirements of the Security and Architecture Group (SAG) - MNL Governance, Risk and Compliance, including the Audit and Controls Assurance function. Currently, these responsibilities are being handled full-time by one person and part-time by the SAG MNL Head. With the addition of a new permanent staff member, we are expanding our capacity to focus more deeply on regulatory compliance and advisory efforts.

How You'll Make an Impact

• Assists the Cybersecurity Manager in preparing regular reports to Management, including internal controls assessments, analysis of newly released Information Security or Cybersecurity regulations, and policy compliance with Head Office and regional standards for the MNL Branch.
• Supports in monitoring control programs and remediation activities and help coordinate internal and external system and information security audits.
• Help maintain IS policies and procedures and assist in administering reviews related to overall system security compliance programs.
• Conduct assessments to identify potential risk and root causes of ineffective IS controls and provide actionable recommendations for resolution.
• Perform other duties as assigned by GPAPD Management and Cybersecurity Manager, as needed.

What Sets You Apart

• Graduate of Computer Science, Accountancy, or related course
• Solid understanding and hands-on experience with Identity Access Management (IAM)
• Brings at least 5 years of experience in Information Security, Technology Risk, or Operational Risk
• Upholds ethical business practices, doing the right thing while ensuring full compliance with internal controls and legal/regulatory standards
• Strong problem-solving skills and can adapt quickly when demands and priorities shift
• You use relevant information to make sound, informed recommendations
• You collaborate well with others and communicate effectively across teams and cultures
• You're open-minded and flexible in your interactions with others
• You have a good aptitude for learning and mastering new technology
• Oral and written communication skills are clear, professional, and effective

OPENTEXT - THE INFORMATION COMPANY

OpenText is a global leader in information management, where innovation, creativity, and collaboration are the key components of our corporate culture. As a member of our team, you will have the opportunity to partner with the most highly regarded companies in the world, tackle complex issues, and contribute to projects that shape the future of digital transformation.

AI-First. Future-Driven. Human-Centered.

At OpenText, AI is at the heart of everything we do—powering innovation, transforming work, and empowering digital knowledge workers. We're hiring talent that AI can't replace to help us shape the future of information management. Join us.

The Opportunity:

The Manager, Security Operation Center is a member of the Information Protection Center team reporting to the Sr. Manager, Information Security. This position works across Corporate and Production teams to ensure the successful implementation of security tools, services, and technology. The Security operations center manager provides oversight and management of the SOC including security operations management and security incident response, incident detection and analysis, containment, and eradication of cybersecurity incidents. This position will manage resources, priorities, and internal projects, and manage the team directly when responding to business-critical security incidents. Ideally, this role will 8-5pm eastern standard time.

You Are Great At:

• Defining, managing, and implementing a comprehensive SOC service
• Be a leader in the expansion and growth of the SOC
• Lead the response to significant Security incidents, ensuring the SOC teams effective response
• Collaborate with client technical teams for issue resolution and mitigation
• Organizing and prioritizing assessments of security controls and services to ensure accurate coverage reporting and identification of coverage gaps
• Review personnel resources daily to assess workload and quality of work
• Coordinate with Incident Response, Threat Intelligence and Threat Hunting teams to create post-incident feedback loop to educate SOC analysts and enhance detection capability
• Implementing tools and processes to automate and visualize security metrics, reporting, and dashboards for varying audiences
• Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities
• Interfacing with internal audit and compliance teams to produce required security artifacts
• Overseeing technical coordination/project management for security initiatives, projects, and integration of security tools and services
• Coordinating risk assessments for requested deviation to security policy/controls
• Security monitoring, managing security cases& tickets, security incident analysis, and other security tasks.
• Responding to incidents varying from endpoint to server systems
• Researching security advisories, e.g., CERT, and delivering appropriate course of action
• Creating documentation to ensure all team members can perform required tasks
• Creating meaningful and detailed metrics based on security events or activities
• Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)
• Optimizing day-to-day shift resources and needs
• Ensuring appropriate staffing and coverage for assigned shifts
• Managing and communicating up effectively to leadership regarding staffing needs, events that occurred, etc

What It Takes:

• Creating and refining metrics to articulate and measure SOC performance.
• Knowledge and experience managing a SOC and security operations
• Experience in a delivery, operational or security program management role and previous experience in a leadership or supervisory role
• Demonstrated experience generating metrics to measure service and program effectiveness
• Understanding of compliance frameworks, like PCI, ISO 27001, NIST, etc.
• Excellent analytical skills, troubleshooting and problem solving
• Must be able to work in a fast paced and changing environment while handling multiple tasks, priorities, and directives. Capable of working under pressure.
• Excellent English writing and verbal communication skills
• BS in Computer Science, Cyber Security, or Information Security preferred
• 7+ years of information security experience
• 4+ years of experience working in a Security Operations Center
• 3+ years of experience managing a Security Operations Center
• CISSP, CISA, CISM, or other industry certifications preferred

OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws.

If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us Our proactive approach fosters collaboration, innovation, and personal growth, enriching OpenText's vibrant workplace.

Responsibilities:

• Actively monitor, detect, and respond to security alerts and incidents per defined SLA.
• Incidents are acknowledged and responded to within the agreed response SLO
• Perform alert triage and analysis including asset and custodian identification, reputational checking, and alert validation
• Perform containment and eradication within the agreed response SLO
• Ensures resolution of incidents within the defined SLOs
• Utilize IR toolsets such as ServiceNow, EAS, IPS, WAF, NAC, Firewall etc
• Timely submission of Operational Performance reports/dashboards/value reports for consumption of management

Qualifications:

• Bachelor's degree of Information Technology, Computer Science, Computer Engineering
• At least 1-2 years' work experience in Incident Response
• Knowledgeable in Security Monitoring and Service Management Tools

Details:
Job Description

A Information Security Analyst, also known as a Security Incident Responder, is responsible for identifying, investigating, and responding to security incidents within an organization. Their primary role is to protect information systems and data from threats such as cyberattacks, breaches, and unauthorized access.

Key Responsibilities Include:

• Monitoring security alerts and network activity to identify potential incidents or threats.
• Investigating anomalies and determining the nature and scope of security incidents.
• Responding rapidly to security incidents, containing threats, eradicating malicious activity, and recovering affected systems.
• Conducting digital forensics and root cause analysis to understand how an incident occurred.
• Documenting incidents, actions taken, and lessons learned to improve future response efforts.
• Collaborating with IT, legal, and compliance teams to ensure proper response and reporting.
• Developing and updating incident response plans, playbooks, and security procedures.
• Staying up-to-date with the latest cyber threats, vulnerabilities, and best practices.

Cybersecurity responders play a critical frontline role in defending organizations against ever-evolving cyber threats, helping minimize damage and ensuring business continuity.

Job Requirements

Details:

• 2-3 years of proven experience in Security Incident Response within a professional environment
• Strong knowledge of major operating systems, including Windows, Linux, and macOS
• In-depth understanding of network protocols and architectures (such as TCP/IP, DNS, VPN, etc.)
• Demonstrated experience working with Security Information and Event Management (SIEM) tools (e.g., Splunk, Microsoft Sentinel)
• Hands-on expertise in incident detection, analysis, response, and recovery processes
• Ability to conduct root cause analysis and recommend appropriate remediation steps
• Must have at least one recognized security certification
• Familiarity with cybersecurity frameworks and best practices is a plus
• Excellent problem-solving skills, with the ability to work calmly and efficiently under pressure
• Willingness to work in shifting schedules, including nights, weekends, and holidays
• Strong written and verbal communication skills, with the ability to document and convey technical information clearly to various audiences