19 Security Advisor jobs in the Philippines

**Introduction**
We are seeking a highly skilled and experienced Cloud Security Consultant who will be responsible for the governance, strategy, and advisory aspects of cloud security. The individual will drive the adoption and continuous improvement of the Cloud Security Framework while overseeing the effective use of CSPM, CWP, and SSPM platforms across AWS, Azure, and GCP.
**Your role and responsibilities**
As a Cloud Security Consultant you will play a crucial role in strategic security planning, ensuring compliance with industry regulations and frameworks, and driving continuous improvement through automation and orchestration.This encompasses managing key performance indicators (KPIs), conducting regular security exercises, and collaborating effectively with other IT and security teams to enhance overall security monitoring and response capabilities. The ideal candidate will possess a deep understanding of current and emerging cyber threats and a proven ability to lead and motivate a team in a fast-paced, high-pressure environment.
Your primary responsibilities include:
Cloud Security Management and Compliance: Define, maintain, and enhance the organization's Cloud Security Framework in alignment with regulatory (e.g., BSP, DPA) and industry (e.g., NIST, CSA) standards. Provide cloud security governance across multi-cloud platforms (AWS, Azure, GCP). Oversee baseline and periodic posture assessments and trend analysis reporting. Oversee compliance reporting activities aligned with regulatory frameworks (PCI DSS, GDPR, NIST, CIS).
Cloud Security Optimization: Lead the development, tuning, and optimization of Prisma Cloud CSPM policies for AWS, Azure, and GCP. Lead onboarding and security posture policy configuration of the SSPM platform for key SaaS apps.
Threat Intelligence and Continuous Improvement: Design detection strategies and RQL-based investigation playbooks. Oversee CWPP alert tuning and ensure alignment with the client's governance protocols. Define and regularly tune posture rules and detection logic based on evolving threats. Continuously assess policy relevance against service updates and compliance mandates.
Cross-Team Collaboration: Collaborate with engineering, SOC, and risk/compliance teams to ensure policy enforcement and incident response readiness. Provide technical guidance to engineers conducting audit log analysis, threat hunts, and RCA activities.
Incident Management and Communication: Track and report on key cloud security KPIs, metrics, and control effectiveness. Review and refine policies, standards, SOPs, and guidelines related to cloud operations. Lead knowledge transfer sessions.
**Required technical and professional expertise**
Technical Requirements:
* More than 5 years in cloud security consulting, architecture, or posture management.
* Proven and extensive experience with Prisma Cloud (CSPM/CWPP) and SSPM platforms.
* Hands-on experience integrating alerts into SIEM/SOAR tools like Google SecOps.
* Familiar with cloud-native and hybrid environment architecture in AWS, Azure, or GCP
* Familiar with compliance frameworks: NIST CSF, CIS, GDPR, PCI DSS.
* Experience integrating alerts and posture signals into SIEM/ITSM (e.g., Chronicle, Splunk, ServiceNow)
Soft Skills:
* Strong analytical and problem-solving abilities with keen attention to detail.
* Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
* Capable of managing multiple priorities in a fast-paced, dynamic environment.
**Preferred technical and professional experience**
Certifications: CCSP, GCSA, CISSP, CRISC, CISA, AWS/Azure/GCP Security Specialty ( or any cloud platform-specific certs), Prisma Cloud Certification (e.g., Palo Alto Networks Certified Cloud Security Engineer-PCCSE), Google Cybersecurity Professional Certificate or SIEM-specific trainings (e.g., Chronicle)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

**Introduction**
We are seeking a highly skilled and experienced Cloud Security Consultant who will be responsible for the governance, strategy, and advisory aspects of cloud security. The individual will drive the adoption and continuous improvement of the Cloud Security Framework while overseeing the effective use of CSPM, CWP, and SSPM platforms across AWS, Azure, and GCP.
**Your role and responsibilities**
As a Cloud Security Consultant you will play a crucial role in strategic security planning, ensuring compliance with industry regulations and frameworks, and driving continuous improvement through automation and orchestration.This encompasses managing key performance indicators (KPIs), conducting regular security exercises, and collaborating effectively with other IT and security teams to enhance overall security monitoring and response capabilities. The ideal candidate will possess a deep understanding of current and emerging cyber threats and a proven ability to lead and motivate a team in a fast-paced, high-pressure environment.
Your primary responsibilities include:
Cloud Security Management and Compliance: Define, maintain, and enhance the organization's Cloud Security Framework in alignment with regulatory (e.g., BSP, DPA) and industry (e.g., NIST, CSA) standards. Provide cloud security governance across multi-cloud platforms (AWS, Azure, GCP). Oversee baseline and periodic posture assessments and trend analysis reporting. Oversee compliance reporting activities aligned with regulatory frameworks (PCI DSS, GDPR, NIST, CIS).
Cloud Security Optimization: Lead the development, tuning, and optimization of Prisma Cloud CSPM policies for AWS, Azure, and GCP. Lead onboarding and security posture policy configuration of the SSPM platform for key SaaS apps.
Threat Intelligence and Continuous Improvement: Design detection strategies and RQL-based investigation playbooks. Oversee CWPP alert tuning and ensure alignment with the client's governance protocols. Define and regularly tune posture rules and detection logic based on evolving threats. Continuously assess policy relevance against service updates and compliance mandates.
Cross-Team Collaboration: Collaborate with engineering, SOC, and risk/compliance teams to ensure policy enforcement and incident response readiness. Provide technical guidance to engineers conducting audit log analysis, threat hunts, and RCA activities.
Incident Management and Communication: Track and report on key cloud security KPIs, metrics, and control effectiveness. Review and refine policies, standards, SOPs, and guidelines related to cloud operations. Lead knowledge transfer sessions.
**Required technical and professional expertise**
Technical Requirements:
* More than 5 years in cloud security consulting, architecture, or posture management.
* Proven and extensive experience with Prisma Cloud (CSPM/CWPP) and SSPM platforms.
* Hands-on experience integrating alerts into SIEM/SOAR tools like Google SecOps.
* Familiar with cloud-native and hybrid environment architecture in AWS, Azure, or GCP
* Familiar with compliance frameworks: NIST CSF, CIS, GDPR, PCI DSS.
* Experience integrating alerts and posture signals into SIEM/ITSM (e.g., Chronicle, Splunk, ServiceNow)
Soft Skills:
* Strong analytical and problem-solving abilities with keen attention to detail.
* Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
* Capable of managing multiple priorities in a fast-paced, dynamic environment.
**Preferred technical and professional experience**
Certifications: CCSP, GCSA, CISSP, CRISC, CISA, AWS/Azure/GCP Security Specialty ( or any cloud platform-specific certs), Prisma Cloud Certification (e.g., Palo Alto Networks Certified Cloud Security Engineer-PCCSE), Google Cybersecurity Professional Certificate or SIEM-specific trainings (e.g., Chronicle)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

COMPANY PROFILE: Develop significant traveler supplier ties outside of the United States. Known as one of the country's top travel companies.
br>Position: Information Security Engineer
Company Industry: Travel Industry
Work Location: Makati Site, QC, Alabang, Cebu, and Bacolod
Work Schedule: Flexible Schedule, Rotational Shift
Salary: Php 40,000-60,000
Work Set Up: Onsite/Hybrid

JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Technology, or related fields.
• W th strong verbal and written communication skills, with technical writing experience. < r>• W th relevant certifications is advantage (e.g., CompTIA Security+, GSEC, CEH, CISSP, etc.) < r>• E perience in cloud, network, server and database security < r>
JOB RESPONSIBILITIES:
• O ersee the establishment, dissemination, and regular revisions to CTPI's information security policy. < r>• E sure policies are consistent with developing threats, industry best practices, and standards such as ISO 27001 and SOC 2. < r>• W rk with subject matter experts (SMEs) to identify vulnerabilities in networks, hardware, software, and procedures. < r>• P ovide security solutions and guidance for system and software development in accordance with ISDP policies. < r>• P ovide Level 1 cybersecurity incident response (CIRT), including threat analysis and security event evaluations. < r>• M ke recommendations regarding incident management and mitigation. < r>• P epare and present cybersecurity reports to management. < r>• S ay current on industry developments, technology, and processes to consistently strengthen CTPI's security posture. < r>
RECRUITMENT PROCESS: (ONLINE)
Initial Interview
Technical Assessment
Final Interview
Job offer

**_What User Access Management contributes to Cardinal Health_**
The User Access Management team is responsible for managing identity and attributes for employees, contractors, customers, vendors, etc.
Ensures compliance with Cardinal Health security requirements for applications in the organization in relation to identity and access.
Analysts within the team ensure the right access to the right applications at the appropriate time through provisioning efforts, IdentityIQ management, SAP, and approval enforcement.
**_Functional Competencies_**
+ Maintain efforts to streamline the user provisioning processes.
+ Improve the transparency of access for our entitlement owners and managers.
+ Serve as the point of escalation from the business and IT; execute the provisioning steps needed to ensure an efficient and compliant process.
+ Partner with application teams to provide security, governance, and provisioning services enterprise-wide.
+ Minimum cross knowledge to provide process improvement of how the ENTIRE team works together to streamline job functions.
**_Activities/accountabilities include the following:_**
+ Partners with application teams to create/streamline provisioning processes.
+ Serve as liaison between business and IT to determine appropriate access for users, including user consultations, SoD checks, and access determination.
+ Able to take a group of users, review the access and identify changes that can be made to ensure consistency and repeatability in provisioning that group.
+ Ensures the consistency and cleanliness of the environments we manage.
+ Ensures all documentation on tasks performed has been updated and published in a shared location.
+ Act as an advocate for access controls and identity access management (IAM) services, ensuring correct/appropriate standards and processes are being adhered to
+ Achieve quality review standards of no repeat errors.
+ Initiate regular reviews of user to role mappings to ensure access meets the security design and security/access related problem resolution.
+ Focus on automation opportunities/improvements.
**_Qualifications_**
+ Application access support/administration
+ Functional experience with security principles, specifically access management.
+ Process improvement and lean principles.
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (

The Information Security Specialist will be responsible in monitoring the systems and networks for security threats and issues, investigate security breaches and other cybersecurity incidents, install and configure security measures and operate software designed to protect systems and information infrastructure, including firewalls and data encryption programs, analyze network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies, and potential security breaches, perform spot audits to identify non-compliances and help ensure security policies and standards are strictly followed. He/she will also help improve security awareness in the assigned area.

**Job Type**: Permanent

**Information Security Manager**
Responsibilities and Duties
- Help design, implement, and maintain the organization's cybersecurity plan.
- Develop and direct implementation of security standards and best practices for the organization.
- Recommend security enhancements to Technology management.
- Manage a team of Infosec Specialists who will:

- Monitor the organization's networks for security breaches and investigate violations when they occur
- Deploy security tools (e.g., firewalls, data encryption), to protect sensitive information.
- Conduct Quarterly Security Health check
- Perform Information Security Risk Assessment
- Help ensure cybersecurity-related audit findings are mitigated

**Job Type**: Permanent

Qualification:

- Atleast 10 yrs demonstrated expertise in relevant information security technologies
- Experience on risk management, data protection, and Information Security
- Knowledge of key government regulations and local laws
- Experience in the implementation, support and operation of security technologies

**Benefits**:

- Health insurance
- Life insurance

Schedule:

- 8 hour shift
- Day shift
- Night shift

Ability to commute/relocate:

- Pasig City: Reliably commute or planning to relocate before starting work (required)

Position Overview:
As a Security Architect, you will engage across various domains within information security, focusing on: br>Evaluating and auditing existing security controls and solutions.
Designing and implementing new security measures.
Providing expert counsel within the department and beyond.
Assisting in the design and optimization of our SIEM/MDR solutions.
Conducting risk assessments for infrastructure, applications, and vendors.

Qualifications:
Bachelor's degree in any field; degrees in Information Security, Computer Science, or Software Engineering preferred but not mandatory.
Certifications such as Azure Architect, Azure Security, OSCP, OSEP, CISSP, Security+, ISO 27001, CISM, or CRISC are advantageous but not required.
Excellent English communication skills.
Knowledge in areas such as:
Risk Management
Third-Party Risk Management
Control Management
Security Frameworks (ISO 27001/27002/27005, NIST 800-53, NIST CSF)
Policy and Procedure Development
Infrastructure and Cloud Security (Azure)
MDR/SIEM/Log Analytics
Incident Response
Vulnerability and Penetration Testing
Identity and Access Management (IAM)
Technical Security and Risk Assessments
Disaster Recovery Planning
Willingness to engage with the CISO on professional matters.

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.