201 Vulnerability Assessment jobs in the Philippines

Job Description:

Project Title : SAP Security Vulnerability assessment

Location : Metro Manila

Work setup : Hybrid

Summary:Responsible for applying security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve providing services to safeguard information, infrastructures, applications, and business processes against cyber threats.

Must have: Need 3+years of in SAP Security Vulnerability assessment

Roles & Responsibilities:

• Expected to perform independently and become an SME.

• Required active participation/contribution in team discussions.

• Contribute in providing solutions to work related problems.

• Develop and implement security measures to protect computer systems, networks, and data.

• Conduct vulnerability assessments and penetration testing to identify security weaknesses.

• Monitor security vulnerabilities and threats to proactively prevent security breaches.

• Collaborate with cross-functional teams to ensure security best practices are implemented.

• Stay updated on the latest security trends and technologies to enhance security posture.

Note: Interested candidate can directly reach out

QUALIFICATIONS:

• At least 3-5 years as a VAPT Specialist/Offensive Security or other related roles.
• Hands-on experience in web and mobile application VAPT, following the OWASP Top 10 testing framework
• Proficient in using open-source and commercial security testing tools such as Kali Linux, Metasploit, Qualys, Nessus, Burp Suite, OWASP ZAP, etc.
• Working knowledge of web and mobile application development
• Ability to write assessment reports that are clear and understandable for both technical and non-technical audiences
• Cybersecurity certifications such as CEH, CISSP, or equivalent are preferred
• Should be amendable to work Hybrid (3x a week onsite - temporary) and 100% onsite in Ortigas in the future.

RESPONSIBILITIES:

• Conduct vulnerability assessment and penetration testing on web and mobile applications
• Provide detailed assessment report and recommendations following the preferred report format of the client, if available
• Provide assistance and consultation services to teams responsible for remediations
• Organize and conduct meetings or consultation sessions, when needed, to facilitate completion VAPT sub activities
• Independently manage and complete schedule of activities or assigned tickets
• Regularly submit progress report to immediate supervisors
• Ensure confidentiality of client information at all times

JOB SUMMARY

• Oversee employees, consultant, subsidiaries and vendor's compliance with ISPP

regarding the security of the Bank's information assets;

• Monitor the adequacy and effectiveness of the systems of internal control to ensure

that the systems minimize operations risk and identify exposures while the

consequences are still avoidable;

• Provide effective assessment of risks to ensure the soundness of information

technology; and

• Provide consulting activity to improve the risk management process of the

organization.

JOB DESCRIPTION

• Maintain a good working relationship with unit management and meets with Group

Heads or senior Bank management to explain information pertaining to adequacy,

effectiveness and efficiency of internal control systems to mitigate the risks identified.

• Develop and maintain key relationship with professional associations and /or individuals to exchange information on unusual or emerging technical issues and risk engines.
• Facilitate periodic risk assessment following the ACES and ISRA methodologies of the bank information assets.
• Conduct or review complex or specialized risk assessment of functions, identifies and evaluate risk concerns, recommend mitigating controls and report summary information deficiencies of business and operating units
• Recommends strategies and programs in relation to the Bank's Information Security
• Provide consulting activities to business and operating units on IT risks and information security issues covering Bank's processes, operating policies and procedures.
• Ensure adequacy and relevance of Information Security Policies and Procedures.
• Oversee user's adherence to security policy and report breaches to the appropriate authority
• Develop or enhance the risk assessment program on information security and privacy matter
• Develop and provide continuing education and advisory on information security and privacy matters for Bank personnel
• Participate in the Business Continuity Planning
• Assist in facilitating the vulnerability assessment and penetration testing exercises conducted by third party consultants and monitor resolution.
• Ensure timely resolution of internal and regulatory findings.
• Keep abreast of latest information security and privacy regulations and vulnerabilities and new and emerging security technology
• Prepare, assist and gather information for management or BROC reporting

JOB QUALIFICATION

• At least 5-7 years of professional experience in Information Security, IT Risk Management, or related fields.
• Minimum 2 - 3 years in a supervisory or leadership role managing risk assessments, audits, or compliance activities.
• Strong knowledge of information security frameworks (NIST CSF, ISO 27001, CIS Controls)
• Proficiency in risk management methodologies such as ISRA, RCSA, and SASRA, including risk registers and heatmaps.

Collections Officer Responsibilities:

• Aging and credit control monitoring
• Ensure client has adequate notes, paperwork, and collection notes
• High concentration balance confirmations monthly
• Balance confirmations for large dollar value invoices/debtors
• Reworking of invoice batches
• Correct any mismatched debtors, new debtor bonafides, spot check invoices
• Saving copy of invoices and backup paperwork to system where required
• Conduct debtor limit assessments and insurance where required
• Regular contact with debtors and clients
• Coordinate with client's team to produce high quality and timely information

The Client is an Australian national financial institution. You will be handling a portfolio of small clients, with your role focused on doing balance verifications and obtaining supporting paperwork for the larger dollar value/concentration debtors on the portfolio.

Collections Officer Requirements:

• Preferably with Call Center Experience.
• Bachelor's degree in accounting or business management, or a similar field.
• Previous experience working as a Collections Officer.
• Excellent negotiating skills.
• Good written and verbal communication skills.
• Familiarity with state debt collection laws.
• Knowledge of payment plans and accounting procedures.
• Knowledge of office and accounting software.
• Patience and resilience.

Job highlights:

• On-site, office based in Cebu City
• Fixed day shift (morning shift)
• Fixed weekends off
• Shortened probation
• HMO upon regularization
• Up to 2 HMO dependents after 2 years of service
• Company lunches
• Snacks, coffee, and drinks in the pantry
• Access to gym and swimming pool

GENERAL RESPONSIBILITIES

• Perform risk assessment for in-flight projects and identify potential risks and make recommendations to address the risks and ensure compliance with cybersecurity standards and best practices.
• Collaborate with project managers, proponents, and members of the project team on the security requirements and risk mitigation strategies.
• Ensure timely response and delivery of quality security assessment reports
• Monitor, track and report (SLOs) Service Level Objectives
• Track risk mitigation completion performed by the project members
• Facilitate risk acceptance review and approval process of security requirements that cannot be implemented or complied in time for production.
• Keep abreast on emerging threats and vulnerabilities to evaluate potential risks applicable to the organization.
• Provide mentorship, guidance and supervision to a pool of Risk Assessment analysts.
• Continuous improvement on risk assessment processes
• Provide support requirements for the assessment and implementation of risk management tools ex: GRC (Governance, Risk, and Compliance), Risk Assessment and Third Party Risk Management Tools, etc.

TECHNICAL COMPETENCIES

• Knowledge in operating systems and networking
• Knowledge in cloud environment is desirable.
• Knowledgeable on IT security domains based on industry standards ex: NIST Cybersecurity Framework, ISO /2, CIS (Center for Internet Security), etc.
• Risk based approach and methodology on security assessments
• Some experience in project management
• Basic understanding of threat modeling ex: STRIDE and similar

QUALIFICATIONS

• Bachelors degree in Computer Science, Engineering, Information Technology, etc. or Accountancy
• Four to five years work experience in Security Risk Management, IT (Information Technology) Technical Audit, or IT (Information Technology) Security and Solutioning
• Has excellent verbal and written communication skills.
• Has good presentation skill.
• Exhibits critical thinking.
• Strong leadership skills
• Any relevant Cyber Security certifications is preferred ex: CISSP, CISM, CISA, CRISC, ISO27000, and similar.
• Other relevant technical certification would also be an advantage.

GENERAL RESPONSIBILITIES

• Perform risk assessment for in-flight projects and identify potential risks and make recommendations to address the risks and ensure compliance with cybersecurity standards and best practices.
• Collaborate with project managers, proponents, and members of the project team on the security requirements and risk mitigation strategies.
• Ensure timely response and delivery of quality security assessment reports
• Monitor, track and report (SLOs) Service Level Objectives
• Track risk mitigation completion performed by the project members
• Facilitate risk acceptance review and approval process of security requirements that cannot be implemented or complied in time for production.
• Keep abreast on emerging threats and vulnerabilities to evaluate potential risks applicable to the organization.
• Provide mentorship, guidance and supervision to a pool of Risk Assessment analysts.
• Continuous improvement on risk assessment processes
• Provide support requirements for the assessment and implementation of risk management tools ex: GRC (Governance, Risk, and Compliance), Risk Assessment and Third Party Risk Management Tools, etc.

TECHNICAL COMPETENCIES

• Knowledge in operating systems and networking
• Knowledge in cloud environment is desirable.
• Knowledgeable on IT security domains based on industry standards ex: NIST Cybersecurity Framework, ISO /2, CIS (Center for Internet Security), etc.
• Risk based approach and methodology on security assessments
• Some experience in project management
• Basic understanding of threat modeling ex: STRIDE and similar

QUALIFICATIONS

• Bachelors degree in Computer Science, Engineering, Information Technology, etc. or Accountancy
• Four to five years work experience in Security Risk Management, IT (Information Technology) Technical Audit, or IT (Information Technology) Security and Solutioning
• Has excellent verbal and written communication skills.
• Has good presentation skill.
• Exhibits critical thinking.
• Strong leadership skills
• Any relevant Cyber Security certifications is preferred ex: CISSP, CISM, CISA, CRISC, ISO27000, and similar.
• Other relevant technical certification would also be an advantage.

Do you want to take the first step in making Filipinos' lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation G ka ba? Join the G Nation today

• ROLES AND RESPONSIBILITIES A. Does (The tasks / responsibilities that the role performs to address requirements in Key Result Areas)
• Assist in the execution of the Institutional Risk Assessment (IRA) process to identify and assess AML risks across business lines.
• Gather and analyze relevant data to support risk assessments and help determine inherent and residual risks.
• Contribute to the development and application of risk scoring tools and models.
• Support periodic reviews and updates of the IRA framework to align with regulatory requirements and internal changes.
• Coordinate with business units and control owners to gather input and validate risk information.
• Prepare risk summaries, dashboards, and reports for internal stakeholders and regulatory submissions.
• Monitor regulatory changes and assist in updating risk factors and control evaluations accordingly.
• Help identify control gaps and recommend enhancements to mitigate identified AML risks.
• Assist in preparing documentation for internal audits, regulatory exams, and board presentations.

What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package

Do you want to take the first step in making Filipinos' lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation G ka ba? Join the G Nation today

• Develops a complete understanding of a company's technology and information systems.
• Identify and communicate current and emerging cybersecurity and fraud threats and risks that are relevant to GCASH.
• Design cybersecurity and fraud management architecture elements for GCASH to mitigate threats as they emerge.
• Plan, research and design robust cybersecurity and fraud management architectures for demands of GCASH
• Understands the business direction, threat landscape globally and regionally for the Fintech Industry.
• Collaborates with product teams and business to understand the business direction and anticipating Security and Fraud Risks relevant to whatever the direction business is moving towards.
• Formulates the new cybersecurity and fraud management blueprints to ensure business is able to pursue the plans at the same time managing the risks for GCASH.
• Conducts research on Emerging Technologies and their evolving threats to be used for the Threat Modeling process.)
• Creates and maintains Fraud and Security Blueprints for emerging and existing technology and information systems.
• Communicate the new Fraud and Security Blueprints to relevant teams/groups pervasively within GCASH.
• Responds to, and investigates, cybersecurity and fraud incidents and provides thorough post-event analyses in collaboration with the ISDP GGSOC team.
• Reviews current system cybersecurity and fraud measures and decides and oversees implementation of enhancements for GCASH.
• Receives escalation from Fraud and Security Consultants handling FSR and assess validity of escalations and assess potential controls to address the escalations.
• Regularly communicates vital information, cybersecurity and fraud management needs and priorities to upper management.

What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package