168 Security Consulting jobs in the Philippines

Responsible for securing data, network, and applications in system development or system implementations. Perform threat modeling, business and technical process analysis, application security and architecture reviews to evaluate, identify vulnerabilities and enforce security controls in IT and application systems. Ensures coordination of penetration testing support and vulnerability validation scans of systems projects.

Key Responsibilities:

● Work closely with cross-functional teams - ITG Infrastructure team, ITG DevOps team, Developers, Solutions and Enterprise Architects, Technical Project Managers, Delivery Managers and Project Proponents.

● Helps to improve the security health of the application systems, information processing

facilities and connected services of the bank by:

● Providing security consulting services on information security related matters for on premise and cloud-based project implementations and deployments.

● Serves as project security technical point of contact for system development as it relates to automation, continuous integration/continuous deployment activities and products/services being developed and deployed across the full application development life cycle.

● Ensure enforcement of security requirements across all new application systems and API deployments.

● Performs threat modeling and business/technical process analysis to identify vulnerabilities/weaknesses on processes and technology implementations thru a documented analysis and assessment report.

● Standardize the technical, functional and administrative security requirements covering areas of application system, technical design and architecture.

● Ensures that the security requirements align with the business objective of the application systems to be implemented.

● Provides consulting on technical designs and solutions to address infrastructure security and application security related weaknesses.

● Collaborate with relevant stakeholders to implement security improvements.

● Collaborate with the appropriate subject matter expert in Security Architecture and Innovation Department in reviewing security architecture and addressing architecture concerns in a project.

● Ensures that source code reviews are performed and validated across all platforms and frameworks.

● Coordinates application vulnerability scanning and penetration testing remediation activities with ITG developers.

● Assist with vulnerability prioritization and provide guidance on resolution.

● Ensures that standard security requirements are kept updated.

● Maintains an expert knowledge in the field of Information Security and the related issues, systems, processes, products, and services. Stay current with best security practices.

● Collaborates with other ITG Servicing units and application teams to harden its operating systems and application systems to better protect user data when implemented.

● Proactively works with the Department Head in implementing programs for the continuous improvement of the bank's information security posture.

● Perform other information security governance, risk and compliance related duties and responsibilities as directed by the Department Head.

Qualifications

● Graduate of any college degree in Computer Science or Information Security, or related technical field of expertise.

● General understanding of regulatory compliance and how it relates to application security and privacy.

● Certification training may include CISA, CISM, SANS GIAC, CISSP, PCI-DSS, etc.)

● Understanding of network and application security risks and how to address them.

● History of designing, developing, or customizing application systems is a plus.

● Extensive and deep technical knowledge/understanding of system development, typically ranging from front-end user interfaces all the way to the back-end systems of both on premise and cloud deployment.

● Working knowledge of on premise and cloud architectures.

● Strong familiarity with web protocols and web services, networking concepts and encryption.

● Understanding of Microsoft, Linux/Unix security architecture.

● Strong attention to detail, analytical, and problem-solving skills. Thinking logically and intuitively; strong learning agility with the ability to learn new processes/patterns

● Result-orientated in terms of disposition for corrective action and security remediation.

● Have good teamwork and collaboration skills, a good team player with the ability to lead.

● Good written and verbal communication skills: to effectively articulate and explain complex security topics in simple language and easy to understand concepts.

● Possess excellent time management skills, thrive in a fast paced demanding environment

● Be a self-managed, self-starter with good organizational skills to include good follow-up skills

● Knowledge in using MS office tools such as PowerPoint, word, excel and project

POSITION TITLE

Security Consulting and Risk Officer

WORK LOCATION

BGC, Taguig City

WORK SET-UP

Full Onsite

Job Specifications

• Graduate of Computer Science, Information Security, or related technical field.
• General understanding of regulatory compliance, application security, and privacy.
• Knowledge of network and application security risks and mitigation methods.
• Experience in system development and customization (front-end to back-end, on-premise and cloud).
• Strong familiarity with Microsoft and Linux/Unix security architecture.
• Working knowledge of web protocols, web services, networking, and encryption.
• Relevant certifications preferred (e.g., CISA, CISM, CISSP, SANS GIAC, PCI-DSS).
• Excellent analytical, problem-solving, and learning agility.
• Strong teamwork, collaboration, and communication skills.
• Ability to thrive in a fast-paced environment with excellent time management.
• Self-starter with strong organizational and follow-up skills.

Job Types: Full-time, Temporary

Contract length: 12 months

Benefits:

• Health insurance

Application Question(s):

• EXPECTED SALARY?

Education:

• Bachelor's (Required)

Experience:

• Microsoft and Linux/Unix security architecture: 5 years (Preferred)

License/Certification:

• CISA, CISM, CISSP, SANS GIAC, PCI-DSS (Preferred)

Work Location: In person

GENERAL RESPONSIBILITIES

• Perform risk assessment for in-flight projects and identify potential risks and make recommendations to address the risks and ensure compliance with cybersecurity standards and best practices.
• Collaborate with project managers, proponents, and members of the project team on the security requirements and risk mitigation strategies.
• Ensure timely response and delivery of quality security assessment reports
• Monitor, track and report (SLOs) Service Level Objectives
• Track risk mitigation completion performed by the project members
• Facilitate risk acceptance review and approval process of security requirements that cannot be implemented or complied in time for production.
• Keep abreast on emerging threats and vulnerabilities to evaluate potential risks applicable to the organization.
• Provide mentorship, guidance and supervision to a pool of Risk Assessment analysts.
• Continuous improvement on risk assessment processes
• Provide support requirements for the assessment and implementation of risk management tools ex: GRC (Governance, Risk, and Compliance), Risk Assessment and Third Party Risk Management Tools, etc.

TECHNICAL COMPETENCIES

• Knowledge in operating systems and networking
• Knowledge in cloud environment is desirable.
• Knowledgeable on IT security domains based on industry standards ex: NIST Cybersecurity Framework, ISO /2, CIS (Center for Internet Security), etc.
• Risk based approach and methodology on security assessments
• Some experience in project management
• Basic understanding of threat modeling ex: STRIDE and similar

QUALIFICATIONS

• Bachelors degree in Computer Science, Engineering, Information Technology, etc. or Accountancy
• Four to five years work experience in Security Risk Management, IT (Information Technology) Technical Audit, or IT (Information Technology) Security and Solutioning
• Has excellent verbal and written communication skills.
• Has good presentation skill.
• Exhibits critical thinking.
• Strong leadership skills
• Any relevant Cyber Security certifications is preferred ex: CISSP, CISM, CISA, CRISC, ISO27000, and similar.
• Other relevant technical certification would also be an advantage.

Job Description:

Project Title : SAP Security Vulnerability assessment

Location : Metro Manila

Work setup : Hybrid

Summary:Responsible for applying security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve providing services to safeguard information, infrastructures, applications, and business processes against cyber threats.

Must have: Need 3+years of in SAP Security Vulnerability assessment

Roles & Responsibilities:

• Expected to perform independently and become an SME.

• Required active participation/contribution in team discussions.

• Contribute in providing solutions to work related problems.

• Develop and implement security measures to protect computer systems, networks, and data.

• Conduct vulnerability assessments and penetration testing to identify security weaknesses.

• Monitor security vulnerabilities and threats to proactively prevent security breaches.

• Collaborate with cross-functional teams to ensure security best practices are implemented.

• Stay updated on the latest security trends and technologies to enhance security posture.

Note: Interested candidate can directly reach out

Do you want to take the first step in making Filipinos' lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation G ka ba? Join the G Nation today

• Develops a complete understanding of a company's technology and information systems.
• Identify and communicate current and emerging cybersecurity and fraud threats and risks that are relevant to GCASH.
• Design cybersecurity and fraud management architecture elements for GCASH to mitigate threats as they emerge.
• Plan, research and design robust cybersecurity and fraud management architectures for demands of GCASH
• Understands the business direction, threat landscape globally and regionally for the Fintech Industry.
• Collaborates with product teams and business to understand the business direction and anticipating Security and Fraud Risks relevant to whatever the direction business is moving towards.
• Formulates the new cybersecurity and fraud management blueprints to ensure business is able to pursue the plans at the same time managing the risks for GCASH.
• Conducts research on Emerging Technologies and their evolving threats to be used for the Threat Modeling process.)
• Creates and maintains Fraud and Security Blueprints for emerging and existing technology and information systems.
• Communicate the new Fraud and Security Blueprints to relevant teams/groups pervasively within GCASH.
• Responds to, and investigates, cybersecurity and fraud incidents and provides thorough post-event analyses in collaboration with the ISDP GGSOC team.
• Reviews current system cybersecurity and fraud measures and decides and oversees implementation of enhancements for GCASH.
• Receives escalation from Fraud and Security Consultants handling FSR and assess validity of escalations and assess potential controls to address the escalations.
• Regularly communicates vital information, cybersecurity and fraud management needs and priorities to upper management.

What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package

Be #InGoodHands with Metrobank

Here at Metrobank, we don't simply hire employees—we hone future leaders. We provide opportunities that enhance your skills and unlock your talents, helping you evolve into a well-rounded individual. We supply you with all the pieces you need to do your best work, unleashing your full potential to help you secure your future and lead a fulfilling career. And with Metrobank's strong heart for the community, you have the chance to give back and make worthwhile contributions to our nation's economic and social development. With Metrobank, a meaningful life is within your reach

Position Title:
Security Assurance and Assessment Officer

Job Summary:

• Develop tactical plans and programs for the establishment and maintenance of the Bank's third party information security risk management framework and ensure alignment with the enterprise risk framework
• Performs third party security, system security and information asset based risk assessment. Analyze and review of complex bank processes, application system and network security implementation and third party relationships to identify potential risk including the determination of risk mitigation strategies
• Analysis and review of complex application system and network security implementation on the current production environments to identify potential risk including the determination of risk mitigation strategies
• Recommend strategies to control risks from inadequate protection of confidentiality, integrity and availability of the information assets, processing facilities and connected services

Role Exposure:

• Prepares tactical plans and/or programs in the conduct of information, third party and system security risk assessments
• Identify the Bank's critical assets, threats to these assets, vulnerabilities, and reviews adequacy of existing security controls to safeguard the confidentiality, integrity and availability of information
• Coordinate and assess the security performance of third-party vendors that collect, process, transmit, and store client data
• Performs threat modelling-based system security risk assessment for all IT systems and other IT assets, as applicable
• Analyze and assess the impact of changes in process, technical changes and systems enhancements and third party relationships.
• Reviews adequacy of existing security controls to safeguard the confidentiality, integrity and availability of information and information processing facilities to mitigate information security risk
• Formulates, recommends information security policies and procedures on physical, environmental and personnel security with respect to results of information security assessment activities
• Responsible for coordinating across all business units and stakeholders in gathering information in preparation to the conduct of information, third party and system security risk assessment
• Articulate security findings and risk remediation strategies through issuance of risk assessment report. Track and follow-up status of risk mitigation activities
• Ensures security risk register is maintained and kept updated including status of remediation activities
• Executes and monitors accomplishment of the risk assessment plans and programs
• Articulate security findings and risk remediation strategies through issuance of risk assessment report; writing comprehensive, concise and understandable to non-technical
• Tracking and follow up on status of mitigation activities
• Maintain and track library of records and documentation
• Investigation of applicable reported incidents related to information handling and data privacy
• Keep abreast of and apply information, IT and third party security trends and regulatory and compliance changes affecting the security of landscape, security best practices, threat landscape (emerging and existing) and apply them in daily work
• Review the work of other Security Quality and Assurance Risk Assessors; guides and mentors them
• Proactively works with the Department Head in implementing programs for the continuous improvement of the bank's information security plans and strategies
• Perform other information security risk management and compliance related duties and responsibilities as directed by the Department Head

Qualifications:

• Bachelor's Degree
• Experienced in IT general controls and auditing, preferably strong background on system security risk assessments
• Can perform information security risk-based prioritization decisions, analyze business risk, and can articulate complex business/risk trade-off recommendations and decisions
• Experienced on project security technical review and risk assessment
• Analytical and risk identification skills to analyze a variety of information security –related risk situations and develop recommendations on the best course of action
• Should also be abreast with security best practices and knowledge of common and emerging security threats
• Professional Certification may include CISA, CISM, CRISK, PCI-DSS, ISO-27001 LA or equivalent is an advantage

Other Details:

Rank:
Junior Officer

Unit:
Financial and Control Sector / Information Security Division / Security Quality Assurance and Risk Assessment Department

Location:
Metrobank Center, BGC, Taguig City

Kenvue is currently recruiting for:

This position reports into RM&C Manager and is based In Manila, Philippines.

At Kenvue, we realize the extraordinary power of everyday care. Built on over a century of heritage and rooted in science, we're the house of iconic brands - including NEUTROGENA, AVEENO, TYLENOL, LISTERINE, JOHNSON'S and BAND-AID that you already know and love. Science is our passion; care is our talent. Our global team is made by 22,000 diverse and brilliant people, passionate about insights, innovation and committed to deliver the best products to our customers. With expertise and empathy, being a Kenvuer means to have the power to impact life of millions of people every day. We put people first, care fiercely, earn trust with science and solve with courage – and have brilliant opportunities waiting for you Join us in shaping our future–and yours. For more information click here.

RM&C Senior Analyst will provide regional oversight and will work with team members on deliverables for the respective area of responsibility. They will be reporting to the regional Finance Compliance Manager on the finance compliance activities within the function or region. Expected to provide compliance oversight within the regional hubs for the Finance Compliance organization. Responsible for risk management while driving standardization across the region or function.

They are required to have deep knowledge in finance processes and controls, strong analytical and risk management skills. This professional is expected to guide compliance professionals in working with various business partners including senior leaders across the enterprise.

Maintain Operational Excellence:

• Adopts a strategic mindset for execution of daily tasks.
• Supports and prepares foundational analytics for evidence-based decision making.
• Demonstrates strong learning agility.
• Understands policies drives accountability on business compliance.
• Views issues with a risk-based lens and develops appropriate mitigation plan.
• Liaise and provide compliance status related to issues, policies, procedures, and recommendation as necessary to supervisor and stakeholders.
• Fulfill compliance requirements, which includes SOX Key Dates and Corporate requirements, as per Compliance SLA with the sectors. Complete all standard Compliance document requirements – RCM/DCMs, Hand-off's, SOPs, and submission of required SOX templates (system inventory templates, SOX questionnaires).
• Identify compliance risks in processes and controls and help ensure such risks are addressed.
• Help oversee the operational compliance to internal policies and procedures to assure that the current processes are operating under a state of control and in a manner consistent with applicable laws, regulations, and policy. Coordinate activities within established departmental policies.
• Manage multiple projects, when required, prioritizing, and adapting to business needs and understanding of business requirements is expected

Talent Management:

• Demonstrates influencing skills and credibility.
• Assist Associate Compliance Manager and/or Compliance Manager in the implementation of compliance initiatives and related activities such as, performing due diligence reviews, Risk Based Assessment monitoring, Audit, Corrective Action Planning & Remediation, Advisory, Training, and other compliance support needed by Finance/Accounting and Supply Chain.
• Coordinate compliance training as required. Enable/Support implementation of policies and standards across all sites within scope of role in the region.

Be a Trusted Business Partner:

• Exhibits an unbiased and integrated approach towards business partnering.
• Understands external environment and acts in an advisory / consultant capacity.
• Partner with Global Project Team in providing compliance support through various country deployments to enhance controls through standardization of tools & reports.
• Partner with other members of the Compliance team on the formulation of responses to corporate audits in order to address various audit observations. Collaborate with stakeholders in the identification and implementation of corrective actions. Ensure effective and timely completion of all corrective actions.

Create Game-Changing Innovation

• Demonstrates a self-motivated approach for process and continuous improvement.

Required Qualifications

• Generally, requires 4-6 Years Work Experience.
• At least 1-2 years of Management / Supervisory experience is required.
• Has specialized knowledge in underlying business processes and accounting background.
• Strong analytical and quantitative skills (ability to measure).
• Accounting background for Payroll and Finance for Risk Management, SOX, and User Access.
• Independent objective in thinking, strong professional ethics.
• Strong interpersonal skills and the ability to interact with employees at all levels.
• Ability to frame clear & concise communication across all relevant stakeholders.
• Be open to new ideas, rapid change and embracing new technologies.

Desired Qualifications

• Management / Supervisory experience.
• Familiarity in SOX documentation procedure and SOX certification is desirable.
• Planning, prioritization, and multitasking skills.
• Relevant professional certification(s) strongly preferred (i.e., CPP, CPA, CMA, CIA, etc.)
• Working knowledge of SAP (or other ERP's) an advantage.
• Digital/ intelligent automation capabilities.

• Competitive Benefit Package
• Paid Company Holidays, Paid Vacation, Volunteer Time, Summer Fridays & More
• Learning & Development Opportunities
• Employee Resource Groups
• This list could vary based on location/region

Kenvue is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Responsibilities:

• Checks and approves the deposit of the reservation fee for approved sales.
• Checks the completeness of documents covering the property, and documents submitted by the Buyer, against the approval of the sale.
• Ensures compliance with AMLA/PEP/DOSRI/ RPT rules and other sales documentation related policies, as applicable.
• Prepares the sales documents.
• Assists buyer for the signing of the sales documents.
• Handles the collection from the buyer of the amount per Billing Statement (SOA) provided by Expense Maintenance Unit (EMU) / Taxes Team for the expenses / CWT/VAT buyer share advanced by the Bank.
• Prepares all the documents for the booking of the sale, turnover of the property to the buyer, release to the buyer of the collateral documents, and such other documents necessary to consummate the transaction.
• Endorses the installment accounts to Collection Team.
• Secures clearances from Accounting Unit for the cash and SCR fully paid accounts prior release of collateral documents.
• Prepares collateral release advice (CRA) for the release of collateral documents to the buyer.
• Encodes to RMS system the property and buyer's information as well as the reservation and payment details.
• Facilitates scanning / document management imaging (DMI) of sales documents.
• Processes requests for payments (RFP), including request for Purchase System (PS) vendor set up, for main bank accounts.
• Prepares endorsement of accounts to Taxes, and other teams, for the corresponding, CWT payment and other tasks related to the sale of the property.
• Handles all processes, including coordination with the buyer, after the approval of the sale
• Checks the sales documents, RFP, RMS entry details and CRA prepared by the Documentation Assistant.
• Attends to after-sales concerns of old buyers.
• Prepares reports as needed.

Qualifications:

• Must be a bachelors degree holder
• With at least 3 years of related work experience

Interested candidates must be willing to work onsite daily in Makati.

Duties and Responsibilities

ERM Process Development – Support in the development, implementation, maintenance, and continuous improvement of ERM processes and documentation. This includes actively participating in process improvement initiatives.

Status Reporting- Gather information on the status of implementation of risk management strategies and action plans and assist in drafting reports for presentation to the Board Risk Oversight Committee. Contribute to the analysis of risk management effectiveness.

Collaboration with the CRO: Collaborate with the CRO in updating and making recommendations to Board Risk Oversight Committee. Assist in preparing materials and insights to facilitate informed decision-making.

Policy Development: Support the development of ERM policies and related guidance as needed. Assist in ensuring that policies are up-to-date and effectively communicated throughout the organization.

On-site Verification: Assist in conducting periodic on-site verifications to ensure that risk management processes are performing as intended. Participate in assessments of whether risk measures reported are continuously reviewed by risk owners for effectiveness. Support the monitoring of compliance with established risk policies and procedures.

Market Analysis: Collect and research data on current economic, regulatory, and market events that may affect the risks affecting the Company's operations. Provide research findings to contribute to a comprehensive understanding of the risk landscape.

Data Retrieval and Analysis: Assist in retrieving internal business and financial reports as a basis for detecting events and trends affecting the risk of the Company. Support data analysis efforts to identify potential risks and opportunities for risk mitigation.

Academic / Technical Qualifications:

• Graduate of Accounting, Economics or Industrial Engineering.
• 2 to 3 prior experiences in accounting auditing or other relevant work experience
• Proficiency in word/excel PowerPoint application
• Above Average written and oral communication skills.

Job Types: Full-time, Permanent

Benefits:

• Company Christmas gift
• Company events
• Health insurance
• On-site parking
• Promotion to permanent employee
• Staff meals provided
• Transportation service provided

Work Location: In person