11 Security Analysis jobs in the Philippines

Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.

About the role: As a Cyber Security Analyst – Tier 1 in the Security Operations Center (SOC), you will be the first responder for business-impacting cyber security incidents that arise in our customers' environments. Fast, effective, and courteous service is the lifeblood of our organization, and this position requires nothing less. Your technical acumen will be challenged daily. Quick thinkers who can make decisions on their feet will be successful in this job.
br>What You’ll Do: < r>- Monitor cyber security tools to identify, triage, and report security incidents to customers.
- Leverage available cyber security capabilities to contain security incidents to prevent the lateral spread of malware or lateral movement of attackers.
- Conduct cyber security investigations to identify and rule out false positive security incidents.
- Provide additional cyber security investigatory support to customers as needed.
- Work with a team of like-minded professionals to monitor customer ticket queues and triage tickets that need immediate attention. We service customers as small as 10 users, up to multi-national enterprises.
- Follow pre-defined playbooks and runbooks and collaborate with other technical resources, where appropriate.
- Monitor and process event tickets on a prioritized basis as to the customer impact and urgency of these events.
- Remain cognizant of customer service-level agreements, and strive to meet or exceed them on a regular basis.
- Participate in Incident Management by providing situational reports (sitreps) via ticket updates and/or customer-facing communications.
- Provide first level technical resolution for cyber security incidents.
- Collaborate with our Network Operations Center (NOC) as needed, to document incidents, maintenance, and problems.
- Utilize various systems management tools to monitor availability, reliability, and performance of customer environments.
- Demonstrate problem solving skills that contribute towards the resolution of any issues that arise.
- Quickly assess an issue and form an understanding of the likely root cause in unfamiliar technical environments and technologies.
- Investigate, resolve, and/or escalate matters of significance pertaining to customer alerts and events.
- Document solutions, processes, procedures and present them in writing, verbally on the phone or in-person.
- Commit to professional growth and development by maintaining and/or obtaining new industry specific certifications.

What Skills & Experience You’ll Need: < r>- Experience with monitoring and using a SIEM
Azure Sentinel preferred (Splunk, Elastic, QRadar are nice to have)
- Experience supporting and administering the following is highly desired:
> Crowdstrike (or a similar nextgen endpoint solution)
> Azure or AWS cloud environments, including compute, storage, networking basics, and backups.
> Microsoft O365
> Windows Server OS: Windows 2012 through Windows 2019, including ADDS, DNS, DHCP, DFS, file/print services, PowerShell basics.
- Networking Basics (CompTIA Network+ equivalent).
- At least one of the following industry certifications highly desired: Security+, Network+, CEH, GCIH.
- A curious disposition.
- Strong documentation, reporting, analytical and problem-solving skills.
- The ability to effectively engage in customer-facing communications.

Preferred Qualifications:
- Experience with any of the following tools: Kaseya VSA, Auvik.
- Experience working in IT enterprises that use industry frameworks such as ITIL, COBIT, or MOF.

Who we are:
br>eFlexervices is a BPO company with a legacy spanning 24 years. We've honed our craft in providing exceptional quality and building unshakable trust. At eFlex, we're not just a BPO company – we're your partners in success. Our approach is all about finding the perfect match between talent and the organizations we support. We're not just investing in our work; we're investing in people, optimizing performance, and maximizing efficiency. We are all about exceptional quality and unwavering trust. < r>
What we are looking for:

Are you ready to take your expertise to the next level? At eFlexervices, we're not just hiring a Technical Security & Compliance Analyst – we're empowering your talent to deliver quality and performance. Join us in shaping the success and making an impact that truly matters. < r>
The Technical Security & Compliance Analyst is a critical role focused on maintaining and enhancing an organization's security posture and regulatory adherence by managing technical and operational compliance activities for standards like SOC 2, ISO 27001, HIPAA, and GDPR. This involves the meticulous implementation, continuous monitoring, and thorough documentation of technical controls to protect sensitive data and systems, with all findings recorded in a compliance automation platform. The role demands a deep understanding of security frameworks, regulatory requirements, and technical infrastructure, serving as a vital link between technical and audit teams to mitigate risks, ensure data privacy, and uphold the organization's commitment to security and compliance.

What you’ll be doing: < r>
Operate and maintain the compliance automation tool (e.g., Vanta, Scytale, Secureframe).
Ensure device compliance (encryption, antivirus, MDM policies) across all endpoints.
Conduct periodic access reviews and enforce MFA.
Perform regular vulnerability scans and coordinate remediation with IT/dev teams.
Maintain secure configurations for cloud infrastructure.
Collect and upload technical evidence for audits.
Assist with incident detection, investigation, and response.
Collaborate with internal teams to close compliance gaps.

Qualifications and Requirements:

Bachelor’s degree in IT, Computer Science, Cybersecurity or related field. < r>2+ years in IT security, compliance, or systems administration.
Relevant security certifications such as Security+, CISA, CRISC, CISM, CISSP
Familiarity with SOC 2, ISO 27001, HIPAA, and GDPR preferred.
Experience with compliance or GRC tools is a plus.
Strong knowledge of endpoint, network, and cloud security.
Highly organized with strong attention to detail.
Proactive problem solver who can work independently.
Strong analytical and problem-solving skills

Benefits and Perks:

At eFlex, we're not just a workplace – we're a community of playmakers, committed to fostering growth, learning, and personal connections. Here's what's in store for you: < r>
Living Our Values: We don't just talk the talk; we walk the walk. From learning and personal growth to caring deeply about our team and clients, our values are the compass guiding our vibrant workplace.

Competitive Compensation: Your hard work deserves recognition. Enjoy a competitive salary and benefits package, including comprehensive HMO coverage and optical reimbursements.

Flexible Work Options: Work your way! If you're outside Baguio City, embrace a permanent work-from-home setup. For those within Baguio, our hybrid work model offers the best of both worlds.

Wellness Matters: Recharge and refresh! Our flexible vacation and sick leaves empower you to prioritize your well-being, ensuring a healthy work-life balance.

Pathways to Success: Your journey with us is brimming with growth opportunities. We're dedicated to nurturing your career and supporting your rise through the ranks.

Ready to embark on an enriching journey? Join the eFlex family and experience a workplace that values your individuality and success. Let's thrive together!

**OPENTEXT - THE INFORMATION COMPANY**

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

**Principal Security Compliance Analyst**

**Opentext - The Information Company**

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

**The Opportunity**

The Principal Security Compliance Analyst will have the opportunity to impact meaningfully contribute to the OpenText Compliance Program in accordance with ISO 27001, PCI-DSS, SOC1/2, HIPAA, SOC2+HITRUST, SWIFT, Cyber Essentials+ and FedRAMP. The Principal Security Compliance Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program that supports the delivery of compliance certifications to support customer security requirements. In this role, you will be involved in leading and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders.

**You Are Great At**
- Setting strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, delivering dashboarding & reporting metrics.
- Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.
- Coordinating the overarching annual audit plan with internal and external auditors to support delivery of multiple, simultaneous audits and certifications (both new and existing) within the Open Text portfolio
- Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordination resolution of roadblocks, compliance risk.
- Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
- Participating in, or potentially leading, gap assessment, compliance readiness, and compliance monitoring activities.
- Developing metrics and dashboards for reporting on assigned compliance programs

**What It Takes**
- 7+ years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements for a Cloud Service Provider, encompassing multiple frameworks
- Detailed understanding of evaluating the design and effectiveness of controls and experience working with auditors/regulators for compliance assessments
- Experience leading preparation for and/or managing assessment activities (SOC 2, ISO 27001, PCI DSS, HIPAA/HITRUST, SOX, SWIFT, FedRAMP etc.) for assigned cloud services through assessment planning, assessment fieldwork, and final report delivery
- Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
- Strong experience planning and overseeing projects to ensure they are completed in a timely fashion
- Ability to effectively communicate risks and issues and provide regular reporting on project status.
- Experience with GRC Tools & Compliance Automation is a plus.
- Strong technical, analytical, interpersonal, communication and writing skills.
- Effective team collaboration plus the ability to coach and mentor others.
- Strong personal characteristics as demonstrated by the following: Owners mindset, achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.
- Required industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) or equivalent
- Bachelor’s Degree in Information Technology, Business, or related vocations.

**Global Job Posting Footers**:

- Subject to applicable laws and regulations, OpenText’s global vaccination policy requires all employees to be fully vaccinated against COVID-19 to enter an OpenText office. Accommodations may be available for specific roles.

At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer.

Subject to applicable laws and regulations, OpenText’s Global Vaccination Policy requires all employees to be fully vaccinated against Covid 19 in order to enter an OpenText office. Accommodations may be available.

**Job Description**
**Are You Ready to Make It Happen at Mondelēz International?**
**Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.**
You work with the information security team as a competent and experienced information security and compliance specialist.
**How you will contribute**
You will assess information security risks in line with internal policy and external best practices, and support security of information and IT assets by testing security systems and applying security standards, policies, and procedures. Under the guidance of Global Information Security Lead, you will implement cyber security technology and provide day-to-day business support. If relevant to your role, you will manage third-party providers to ensure that any internal or third-party adhere to standards. You will also provide information security training to appropriate teams.
**What you will bring**
A desire to drive your future and accelerate your career. You will bring experience and knowledge in:
+ Information security, compliance and risk management
+ Security solutions and their applicability to Mondelēz International
+ Security strategies, awareness campaigns, policies/standards and governance
+ Communicating effectively with technical specialists, leaders and peers
+ Analytical and problem-solving abilities
+ Being a team player by supporting and leading to achieve common goals
**More about this role**
**What you need to know about this position:**
Performs advanced (senior-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. May supervise the work of others. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment. The Sr. Analyst job classification series is a subset of information security, which focuses on protecting data from cyber-related attacks. Employees typically monitor for any trace of invasion or improper access of data by performing threat and incident detection, incident response, and forensics activities. In contrast, the SOC Analyst III job classification series does not focus only on protecting data from cyber-related attacks; rather, employees in that series are responsible for protecting information throughout the business process. Employees typically perform governance, risk assessments, and compliance, which involves developing and documenting system security plans, policy development, and process analysis. Other tasks related to this role will be needed.
**What extra ingredients you will bring:**
**Education / Certifications:**
**Job specific requirements:**
**Travel requirements:**
**Work schedule:**
No Relocation support available
**Business Unit Summary**
**At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.**
**We have a rich portfolio of strong brands globally and locally including many household names such as** **_Oreo_** **,** **_belVita_** **and** **_LU_** **biscuits;** **_Cadbury Dairy Milk_** **,** **_Milka_** **and** **_Toblerone_** **chocolate;** **_Sour Patch Kids_** **candy and** **_Trident_** **gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.**
**Our 80,000 makers and bakers are located in more** **than 80 countries** **and we sell our products in** **over 150 countries** **around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast.**
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
**Job Type**
Regular
Relationship Management
Global Business Services
At Mondelēz International, our purpose is to empower people to snack right through offering the right snack, for the right moment, made the right way. That means delivering a broader range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.
We have a rich portfolio of strong brands - both global and local. Including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the number 1 position globally in biscuits, chocolate and candy as well as the No. 2 position in gum
Our 80,000 Makers and Bakers are located in our operations in more than 80 countries and are working to sell our products in over 150 countries around the world. They are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen, and happen fast.
Join us and Make It An Opportunity!
Mondelez Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact for assistance.

**Job Description**
**Are You Ready to Make It Happen at Mondelēz International?**
**Join our Mission to Lead the Future of Snacking. Make It Matter.**
You work closely with functions and business units to develop roadmaps and to plan agreed-to outcomes. In this role, you ensure that commitments are met, and serve as the point of contact for Mondelēz International Digital Services.
**How you will contribute**
You will serve as the point of contact for issues and challenges that arise in the processes used in the shared services team and/or with third-party suppliers. In addition, you will support internal and external continuous improvement initiatives and manage business projects through to completion. You will also provide business consultancy and manage operational processes by ensuring that key performance indicators and performance management targets are met, and by sharing best practices and taking responsibility in the super key user community.
**What you will bring**
A desire to drive your future and accelerate your career. You will bring experience and knowledge in:
+ Shared services in a global environment
+ Building and maintaining effective partnerships with internal stakeholders and suppliers
+ Customer service and effectively leading relationships with demanding customers
+ Communicating effectively, organizational, problem-solving, analytical and multi-tasking skills
+ Operating effectively in a changing environment and using initiative and personal resourcefulness to proactively manage contingency or "emergency" situations
+ Using data to make recommendations and decisions
+ Key performance indicators, managerial reporting, forecasting and budgeting
**More about this role**
**What you need to know about this position:**
**What extra ingredients you will bring:**
**Education / Certifications:**
**Job specific requirements:**
**Travel requirements:**
**Work schedule:**
No Relocation support available
**Business Unit Summary**
**At Mondelēz International, our purpose is to empower people to snack right by offering the right snack, for the right moment, made the right way. That means delivering a broad range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.**
**We have a rich portfolio of strong brands globally and locally including many household names such as** **_Oreo_** **,** **_belVita_** **and** **_LU_** **biscuits;** **_Cadbury Dairy Milk_** **,** **_Milka_** **and** **_Toblerone_** **chocolate;** **_Sour Patch Kids_** **candy and** **_Trident_** **gum. We are proud to hold the top position globally in biscuits, chocolate and candy and the second top position in gum.**
**Our 80,000 makers and bakers are located in more** **than 80 countries** **and we sell our products in** **over 150 countries** **around the world. Our people are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen-and happen fast.**
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
**Job Type**
Regular
Relationship Management
Global Business Services
At Mondelēz International, our purpose is to empower people to snack right through offering the right snack, for the right moment, made the right way. That means delivering a broader range of delicious, high-quality snacks that nourish life's moments, made with sustainable ingredients and packaging that consumers can feel good about.
We have a rich portfolio of strong brands - both global and local. Including many household names such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. We are proud to hold the number 1 position globally in biscuits, chocolate and candy as well as the No. 2 position in gum
Our 80,000 Makers and Bakers are located in our operations in more than 80 countries and are working to sell our products in over 150 countries around the world. They are energized for growth and critical to us living our purpose and values. We are a diverse community that can make things happen, and happen fast.
Join us and Make It An Opportunity!
Mondelez Global LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact for assistance.