16 Security Consultant jobs in the Philippines

**Introduction**
We are seeking a highly skilled and experienced Cloud Security Consultant who will be responsible for the governance, strategy, and advisory aspects of cloud security. The individual will drive the adoption and continuous improvement of the Cloud Security Framework while overseeing the effective use of CSPM, CWP, and SSPM platforms across AWS, Azure, and GCP.
**Your role and responsibilities**
As a Cloud Security Consultant you will play a crucial role in strategic security planning, ensuring compliance with industry regulations and frameworks, and driving continuous improvement through automation and orchestration.This encompasses managing key performance indicators (KPIs), conducting regular security exercises, and collaborating effectively with other IT and security teams to enhance overall security monitoring and response capabilities. The ideal candidate will possess a deep understanding of current and emerging cyber threats and a proven ability to lead and motivate a team in a fast-paced, high-pressure environment.
Your primary responsibilities include:
Cloud Security Management and Compliance: Define, maintain, and enhance the organization's Cloud Security Framework in alignment with regulatory (e.g., BSP, DPA) and industry (e.g., NIST, CSA) standards. Provide cloud security governance across multi-cloud platforms (AWS, Azure, GCP). Oversee baseline and periodic posture assessments and trend analysis reporting. Oversee compliance reporting activities aligned with regulatory frameworks (PCI DSS, GDPR, NIST, CIS).
Cloud Security Optimization: Lead the development, tuning, and optimization of Prisma Cloud CSPM policies for AWS, Azure, and GCP. Lead onboarding and security posture policy configuration of the SSPM platform for key SaaS apps.
Threat Intelligence and Continuous Improvement: Design detection strategies and RQL-based investigation playbooks. Oversee CWPP alert tuning and ensure alignment with the client's governance protocols. Define and regularly tune posture rules and detection logic based on evolving threats. Continuously assess policy relevance against service updates and compliance mandates.
Cross-Team Collaboration: Collaborate with engineering, SOC, and risk/compliance teams to ensure policy enforcement and incident response readiness. Provide technical guidance to engineers conducting audit log analysis, threat hunts, and RCA activities.
Incident Management and Communication: Track and report on key cloud security KPIs, metrics, and control effectiveness. Review and refine policies, standards, SOPs, and guidelines related to cloud operations. Lead knowledge transfer sessions.
**Required technical and professional expertise**
Technical Requirements:
* More than 5 years in cloud security consulting, architecture, or posture management.
* Proven and extensive experience with Prisma Cloud (CSPM/CWPP) and SSPM platforms.
* Hands-on experience integrating alerts into SIEM/SOAR tools like Google SecOps.
* Familiar with cloud-native and hybrid environment architecture in AWS, Azure, or GCP
* Familiar with compliance frameworks: NIST CSF, CIS, GDPR, PCI DSS.
* Experience integrating alerts and posture signals into SIEM/ITSM (e.g., Chronicle, Splunk, ServiceNow)
Soft Skills:
* Strong analytical and problem-solving abilities with keen attention to detail.
* Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
* Capable of managing multiple priorities in a fast-paced, dynamic environment.
**Preferred technical and professional experience**
Certifications: CCSP, GCSA, CISSP, CRISC, CISA, AWS/Azure/GCP Security Specialty ( or any cloud platform-specific certs), Prisma Cloud Certification (e.g., Palo Alto Networks Certified Cloud Security Engineer-PCCSE), Google Cybersecurity Professional Certificate or SIEM-specific trainings (e.g., Chronicle)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

**Introduction**
We are seeking a highly skilled and experienced Cloud Security Consultant who will be responsible for the governance, strategy, and advisory aspects of cloud security. The individual will drive the adoption and continuous improvement of the Cloud Security Framework while overseeing the effective use of CSPM, CWP, and SSPM platforms across AWS, Azure, and GCP.
**Your role and responsibilities**
As a Cloud Security Consultant you will play a crucial role in strategic security planning, ensuring compliance with industry regulations and frameworks, and driving continuous improvement through automation and orchestration.This encompasses managing key performance indicators (KPIs), conducting regular security exercises, and collaborating effectively with other IT and security teams to enhance overall security monitoring and response capabilities. The ideal candidate will possess a deep understanding of current and emerging cyber threats and a proven ability to lead and motivate a team in a fast-paced, high-pressure environment.
Your primary responsibilities include:
Cloud Security Management and Compliance: Define, maintain, and enhance the organization's Cloud Security Framework in alignment with regulatory (e.g., BSP, DPA) and industry (e.g., NIST, CSA) standards. Provide cloud security governance across multi-cloud platforms (AWS, Azure, GCP). Oversee baseline and periodic posture assessments and trend analysis reporting. Oversee compliance reporting activities aligned with regulatory frameworks (PCI DSS, GDPR, NIST, CIS).
Cloud Security Optimization: Lead the development, tuning, and optimization of Prisma Cloud CSPM policies for AWS, Azure, and GCP. Lead onboarding and security posture policy configuration of the SSPM platform for key SaaS apps.
Threat Intelligence and Continuous Improvement: Design detection strategies and RQL-based investigation playbooks. Oversee CWPP alert tuning and ensure alignment with the client's governance protocols. Define and regularly tune posture rules and detection logic based on evolving threats. Continuously assess policy relevance against service updates and compliance mandates.
Cross-Team Collaboration: Collaborate with engineering, SOC, and risk/compliance teams to ensure policy enforcement and incident response readiness. Provide technical guidance to engineers conducting audit log analysis, threat hunts, and RCA activities.
Incident Management and Communication: Track and report on key cloud security KPIs, metrics, and control effectiveness. Review and refine policies, standards, SOPs, and guidelines related to cloud operations. Lead knowledge transfer sessions.
**Required technical and professional expertise**
Technical Requirements:
* More than 5 years in cloud security consulting, architecture, or posture management.
* Proven and extensive experience with Prisma Cloud (CSPM/CWPP) and SSPM platforms.
* Hands-on experience integrating alerts into SIEM/SOAR tools like Google SecOps.
* Familiar with cloud-native and hybrid environment architecture in AWS, Azure, or GCP
* Familiar with compliance frameworks: NIST CSF, CIS, GDPR, PCI DSS.
* Experience integrating alerts and posture signals into SIEM/ITSM (e.g., Chronicle, Splunk, ServiceNow)
Soft Skills:
* Strong analytical and problem-solving abilities with keen attention to detail.
* Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
* Capable of managing multiple priorities in a fast-paced, dynamic environment.
**Preferred technical and professional experience**
Certifications: CCSP, GCSA, CISSP, CRISC, CISA, AWS/Azure/GCP Security Specialty ( or any cloud platform-specific certs), Prisma Cloud Certification (e.g., Palo Alto Networks Certified Cloud Security Engineer-PCCSE), Google Cybersecurity Professional Certificate or SIEM-specific trainings (e.g., Chronicle)
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start **Caring. Connecting. Growing together.**
**Primary Responsibilities:**
+ Perform audits to identify control gaps and implement corrective action plans
+ Ensure alignment of security policies/standards with IT infrastructure frameworks (e.g., ISO 2700x, NIST, ITIL)
+ Monitor compliance with corrective action plans, and address non-compliance issues appropriately
+ Demonstrate understanding of discovery technologies to identify system vulnerabilities (e.g. scanning tools)
+ Establish appropriate security controls based on defined data classifications to align with applicable laws/regulations/standards
+ Facilitate/lead security incident investigation
+ Analyze business requirements and ensure that solutions meet established security policies and controls
+ Maintain metrics and ensure reporting as appropriate
+ Maintain current knowledge on information security topics and their applicability program requirements
+ Communicate professionally with stakeholders/end users through multiple communication
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ Bachelor's degree or higher level of education
+ 6+ years of Information security experience
+ Experience with ISO27001 (ISMS), ISO31000 (Risk management), HITRUST CSF, NIST Cybersecurity Framework, SOC Type1/2
+ Auditing skills and the ability to manage risk assessments / projects independently.
+ Proven excellent communication skills both verbal and written
+ Good presentation skills particularly ability to present technology elements in manner personnel can follow and act
**Preferred Qualification:**
+ CISSP, CISA or ISO27001 Lead Implementer or Lead Auditor certification.
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone - of every race, gender, sexuality, age, location and income - deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Optum is a drug-free workplace. © 2025 Optum Global Solutions (Philippines) Inc. All rights reserved._

Description
The Amazon Web Services Professional Services (ProServe) team is seeking a skilled Delivery Consultant to join our team at Amazon Web Services (AWS). In this role, you'll work closely with customers to design, implement, and manage AWS solutions that meet their technical requirements and business objectives. You'll be a key player in driving customer success through their cloud journey, providing technical expertise and best practices throughout the project lifecycle.
Possessing a deep understanding of AWS products and services, as a Delivery Consultant you will be proficient in architecting complex, scalable, and secure solutions tailored to meet the specific needs of each customer. You'll work closely with stakeholders to gather requirements, assess current infrastructure, and propose effective migration strategies to AWS. As trusted advisors to our customers, providing guidance on industry trends, emerging technologies, and innovative solutions, you will be responsible for leading the implementation process, ensuring adherence to best practices, optimizing performance, and managing risks throughout the project.
The AWS Professional Services organization is a global team of experts that help customers realize their desired business outcomes when using the AWS Cloud. We work together with customer teams and the AWS Partner Network (APN) to execute enterprise cloud computing initiatives. Our team provides assistance through a collection of offerings which help customers achieve specific outcomes related to enterprise cloud adoption. We also deliver focused guidance through our global specialty practices, which cover a variety of solutions, technologies, and industries.
Key job responsibilities
As an experienced technology professional, you will be responsible for:
- Designing and implementing complex, scalable, and secure AWS solutions tailored to customer needs
- Providing technical guidance and troubleshooting support throughout project delivery
- Collaborating with stakeholders to gather requirements and propose effective migration strategies
- Acting as a trusted advisor to customers on industry trends and emerging technologies
- Sharing knowledge within the organization through mentoring, training, and creating reusable artifacts
A day in the life
Working with customers to understand their business challenges around security "in" the cloud and to help design / architect technical solutions to address those business needs.
Support Amazonians and customers across ASEAN region in ongoing projects as the field security SME to consult with and provide prescriptive guidance on standards of good practice around AWS's well-architected, secure and resilient design principles to ensure all customer deliverables and work products are secure by design and in practice.
Lead builders in innovation and build initiatives to deliver innovative solutions to address emerging business needs.
About the team
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying.
Why AWS?
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.
Mentorship & Career Growth
We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud.
Basic Qualifications
- 10 years' experience in IT security, compliance, or risk management.
- BA/BS degree or equivalent experience.
- Hands-on technical expertise in technology automation, implementation, integration, and/or deployment.
Preferred Qualifications
- AWS experience preferred, with proficiency in a wide range of AWS services (e.g., EC2, S3, RDS, Lambda, IAM, VPC, CloudFormation)
- AWS Professional level certifications (e.g., Solutions Architect Professional) preferred
- Experience with automation and scripting (e.g., Terraform, Python) and knowledge of security and compliance standards (e.g., HIPAA, GDPR)
- Strong communication skills with the ability to explain technical concepts to both technical and non-technical audiences
- Hands-on technical expertise in building and deploying security solutions, capabilities and infrastructure.
- Implementation experience with enterprise security solutions such as SSO, Federation, WAF, IPS, Anti-DDOS, and SIEM and understanding architectural implications of meeting industry standards such as PCI DSS, ISO 27001, GDPR, and NIST frameworks and relevant regulatory frameworks such as Thailand's Personal Data Protection Act B.E. 2562 (2019), BOT Notifications SorNorSor 21/2562, 6/2561, 11/2561, etc.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

**BASIC FUNCTIONS**:
1. The Solutions Analyst will support both Sales team and Customers by providing deep dive technical consulting during the pre-selling stage with focus on Network and Security Core Solutions.

2. The Solutions Consultant will provide technical consultation to clients and support the sales team in positioning and selling solutions. Architecting the solution focused on networking and security based on company’s products and services.

**ROLES and RESPONSIBILITIES**:

- Provide pre-sales support assistance to the Customer and Sales Teams on assigned product categories within defined service levels (Core Products).
- Proactively develops and exhibits proficient use of resources, systems and communication skills in order to consistently deliver a quality customer experience.
- Uses knowledge to inform and educate customers to further assist the sales process
- Demonstrates time management skills to effectively accomplish assigned tasks.
- Provide technical support to field sales teams during the sales process. Accountable for the technical validity and interoperability of the solution and the direct relationship with the customers’ strategic business plans.
- Prepares detailed product specifications and diagrams
- Assist in providing low-level design
- Coordinates internal specialists and inter-department activities.
- Customarily and regularly engaged at client facilities and delivers high impact presentations leveraging strong technical skills.
- Conduct POC for assigned product categories within defined service levels (Core Products).
- Attend technical training and enablements conducted by partners and conducts deep dive technical enablements to the customers
- Design, installation/configuration, and troubleshooting proposed solutions during the (Proof of Concept) POC stage
- Manage/Lead POC deployments
- Provides accurate and reliable recommendations to technical problems
- Applies best practices in implementing and providing support during POC
- Generates different types of documentations such as activity status reports and other relevant POC documentations.

**Qualifications**:

- **Required skill(s): Network design and deployment, Security, Cisco Routers, Firewall.**:

- At least 3 year(s) of working experience in the related field is required for this position.
- **Applicants must be willing to work in BGC,Taguig.**:

- **Hybrid Setup (mixed Work from Home and On-site)**:

- Preferably Experienced Employees specializing in IT/Computer - Network/System/Database Admin or equivalent.
- 2 Full-Time position(s) available.

**Job Types**: Full-time, Permanent

**Salary**: Php35,000.00 - Php55,000.00 per month

Schedule:

- 8 hour shift
- Day shift

Supplemental Pay:

- 13th month salary
- Overtime pay
- Performance bonus

Ability to commute/relocate:

- Taguig City: Reliably commute or planning to relocate before starting work (preferred)

**Experience**:

- Network security: 3 years (preferred)
- Presales / Solutions Consultant: 2 years (preferred)

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start **Caring. Connecting. Growing together.**
**Primary Responsibilities:**
+ Ensure third-party supplier's compliance to business requirements - business agreement, policies, procedures, and regulations
+ Lead third-party supplier security risk assessment and remediation activities
+ Research, understand and analyze information security risks applicable to a supplier
+ Conduct discovery call and perform risk-based assessment
+ Review evidence and supporting documentations from the supplier
+ Communicate identified security gaps, provide recommendations, and monitor/track progress until its completion
+ Collaborate with internal stakeholders and management for any process deviations, delays, or escalations
+ Oversee and supervise assigned analyst's work to ensure risk assessment and remediation activities are carried out effectively and efficiently
+ Perform reviews of risk assessment documentation and remediation completion
+ Attend and observe risk assessment and remediation meetings
+ Provide support, guidance and assistance to any inquiries, concerns, or challenges
+ Track completion and ensure that SLA is met
+ Assist with the execution of the Information Risk Governance program
+ Participate in solving complex problems, address issues and challenges
+ Develop or support solutions for process improvement
+ Contribute to training program implementation
+ Lead or participates on special projects
+ Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
**Required Qualifications:**
+ 5+ years of experience in IT or IS compliance/audit
+ 5+ years of experience with various compliance frameworks and regulations like HITRUST, ISO 27001, SOC 2 Type II, PCI DSS, NIST, etc.
+ Advance level experience in MS Office 365
+ Knowledge and understanding of different security products (MFA, encryption, threat & vulnerability, antivirus, network protection, etc.)
+ Proven solid communication (listening, verbal, written) and presentation skills
+ Proven ability to develop effective relationships with team members, suppliers, and internal stakeholders
**Preferred Qualification:**
+ Certifications: Sec+, CISA, CRISC, CISM, ISO 27001 Lead Auditor, ISC2 CC
_At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes - an enterprise priority reflected in our mission._
_Optum is a drug-free workplace. © 2025 Optum Global Solutions (Philippines) Inc. All rights reserved._

COMPANY PROFILE: Develop significant traveler supplier ties outside of the United States. Known as one of the country's top travel companies.
br>Position: Information Security Engineer
Company Industry: Travel Industry
Work Location: Makati Site, QC, Alabang, Cebu, and Bacolod
Work Schedule: Flexible Schedule, Rotational Shift
Salary: Php 40,000-60,000
Work Set Up: Onsite/Hybrid

JOB REQUIREMENTS:
• Bachelor’s degree in Computer Science, Information Technology, or related fields.
• W th strong verbal and written communication skills, with technical writing experience. < r>• W th relevant certifications is advantage (e.g., CompTIA Security+, GSEC, CEH, CISSP, etc.) < r>• E perience in cloud, network, server and database security < r>
JOB RESPONSIBILITIES:
• O ersee the establishment, dissemination, and regular revisions to CTPI's information security policy. < r>• E sure policies are consistent with developing threats, industry best practices, and standards such as ISO 27001 and SOC 2. < r>• W rk with subject matter experts (SMEs) to identify vulnerabilities in networks, hardware, software, and procedures. < r>• P ovide security solutions and guidance for system and software development in accordance with ISDP policies. < r>• P ovide Level 1 cybersecurity incident response (CIRT), including threat analysis and security event evaluations. < r>• M ke recommendations regarding incident management and mitigation. < r>• P epare and present cybersecurity reports to management. < r>• S ay current on industry developments, technology, and processes to consistently strengthen CTPI's security posture. < r>
RECRUITMENT PROCESS: (ONLINE)
Initial Interview
Technical Assessment
Final Interview
Job offer

**_What User Access Management contributes to Cardinal Health_**
The User Access Management team is responsible for managing identity and attributes for employees, contractors, customers, vendors, etc.
Ensures compliance with Cardinal Health security requirements for applications in the organization in relation to identity and access.
Analysts within the team ensure the right access to the right applications at the appropriate time through provisioning efforts, IdentityIQ management, SAP, and approval enforcement.
**_Functional Competencies_**
+ Maintain efforts to streamline the user provisioning processes.
+ Improve the transparency of access for our entitlement owners and managers.
+ Serve as the point of escalation from the business and IT; execute the provisioning steps needed to ensure an efficient and compliant process.
+ Partner with application teams to provide security, governance, and provisioning services enterprise-wide.
+ Minimum cross knowledge to provide process improvement of how the ENTIRE team works together to streamline job functions.
**_Activities/accountabilities include the following:_**
+ Partners with application teams to create/streamline provisioning processes.
+ Serve as liaison between business and IT to determine appropriate access for users, including user consultations, SoD checks, and access determination.
+ Able to take a group of users, review the access and identify changes that can be made to ensure consistency and repeatability in provisioning that group.
+ Ensures the consistency and cleanliness of the environments we manage.
+ Ensures all documentation on tasks performed has been updated and published in a shared location.
+ Act as an advocate for access controls and identity access management (IAM) services, ensuring correct/appropriate standards and processes are being adhered to
+ Achieve quality review standards of no repeat errors.
+ Initiate regular reviews of user to role mappings to ensure access meets the security design and security/access related problem resolution.
+ Focus on automation opportunities/improvements.
**_Qualifications_**
+ Application access support/administration
+ Functional experience with security principles, specifically access management.
+ Process improvement and lean principles.
_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._
_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._
_To read and review this privacy notice click_ here (

The Security Operations analyst job role requires a very motivated goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with mínimal supervision. The role also requires an individual who will act as a security liaison with groups within and outside of JobTarget IT. The Security Analyst’s primary job role is to reduce risk to JobTarget Information Systems, Platforms and Applications through the understanding and the adherence to a risk management framework and to provide governance through the drafting and socialization of security standards, guidelines, policies, and procedures.

**What We Can Offer**:

- Salary Range (Php 62,500 to Php80,500)
- 20 Paid Time Off with 5 convertible to cash at the end of the year
- HMO (with 2 dependents - co paid)
- Group Life and Accident Insurance
- Other exciting monetary allowances
- Great team, culture, and environment and tons of opportunity for career growth

**Work Schedule**: Day/Night

**Work Type**: Remote / Office-Based / Both

**Position To Fill**: One

**What You'll Do**:
Reducing risk through governance and education:

- Responsible for being the Subject Matter Expert (SME) for Information Security Incident Response Actions, ensuring incidents are properly triaged, addressed, tracked, and closed.
- Create Incident Response Playbooks and help in developing Standard Operating Procedures (SOP).
- Responsible for performing internal and external security assessments/testing to validate the effectiveness of current security infrastructure using commonly available security assessment tools and make recommendations to remediate identified risks or vulnerabilities.
- Responsible for review and audit of assets such as VPN, Firewall, & IDS/IPS Configuration & Management.
- Responsible for assisting in the development of appropriate security related policies, procedures, guidelines, standards, benchmarks/metrics and/or processes for network infrastructure, servers, firewalls, intrusion detection/prevention (IDS/IPS) appliances and software.
- Responsible for assisting in various projects to ensure corporate governance of security and compliance with applicable regulations.
- Generates Information Security metrics and reports for executive leadership
- Liaisons with Legal for vendor management, e-discovery, and basic forensics
- Directs Security Awareness Training for employees
- Develops policy documentation

**What You Need to Qualify**:
**Core Skills**:

- Acts responsibly with sensitive and confidential information
- Is creative and resourceful as a problem solver
- Consistently demonstrates the drive to deliver successfully even under difficult timelines
- Has strong analytical, methodical, investigative and auditing skills
- Knows when to make practical rational decisions that reduce risk to JobTarget information and Information systems
- Good written and verbal communications skills
- Good technical writing skills
- A critical logical thinker who is efficient and methodical

**TECHNICAL SKILLS**

Good understanding of the following:

- Background in a security governance model such as NIST, ISO, PCI, or HIPPA.
- Experience in developing cybersecurity policies and procedures
- Familiarity with risk management frameworks.
- Familiarity with Asset Management
- Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.
- Familiarity with access control management and strategies
- Able to manage vulnerability remediation through use of mitigation strategies
- Familiarity with security control assessments and procedures
- Ability to perform audits of systems, software, and security controls
- Familiarity with administering a corporate security awareness training program
- Experience with vetting vendors and vendor management
- Familiarity with legal and regulatory compliance requirements.
- HIDS/NIDS
- Network Monitoring Tools
- Case Management System
- Web Security Gateway
- Data Loss Prevention
- Network Access Control
- Encryption
- Vulnerability Identification

**Job Experience**:

- 5 years in a role within Information Technology
- 1-3 years documentation experience

**Desired Technical Certifications**:

- Security+ or equivalent

**Desired Education**:

- Bachelor’s Degree Required or equivalent experience

**Job Types**: Full-time, Permanent

**Salary**: Php62,500.00 - Php80,500.00 per month

**Benefits**:

- Health insurance
- Life insurance
- Opportunities for promotion

Schedule:

- 8 hour shift

Supplemental pay types:

- 13th month salary