**Responsibilities**:
**Governance**
- Recommends appropriate mechanisms on the gaps detected on security controls
- Analyzes and responds in communicating non
- compliance information security
- Evaluates and make recommendations within the team regarding the appropriateness of the security controls for the organization's information and technology systems' improvement
- Works with various business units to ensure controls are adequate, appropriate, and effective.
**Risk**
- Supports vendor due-diligence process and help to lead and define overall third-party risk management efforts.
- Performs business impact analysis and assist with development of IT/InfoSec risk register.
- Drive response to IT-related risk audit and regulatory findings and follow up periodically to assure appropriate controls and procedures are implemented
- Supports business operational risk teams with security and technology controls
- Ensures that security standards are well integrated into systems
**Compliance**
- Perform security and compliance assessments on new and existing systems, processes, and technology
- Perform periodic gap assessments to validate compliance on an ongoing basis
- Educate and provide insight as compliance and regulatory Subject Matter Expert to internal and external clients as required
- Stays up to date and informed on developing regulatory concerns and changing IT and information security trends.
- Coordinates written responses on Information Security controls and regulatory compliance
**Others**
- Understand InfoSec policy and validate effectiveness of controls
- Research latest trends on technologies
- Stakeholder management
- Provides regular security reports to various stakeholders as applicable
- Maintains internal procedural standards or runbooks related to the role
- Documenting process improvements and common problems
- Participate in knowledge sharing with other analysts and provide recommendations for improvements
**Qualifications**:
- Familiar on different security standards and frameworks such as CIS, COBIT, ISO 17799, ISO 27001, NIST SP800-53, ITIL v2, HIPAA, FFIEC, NERC-CIP, PCI-DSS, OWASP
- Knowledgeable in various information security management, frameworks, best practices, governance, compliance, rules, and regulations
- Basic knowledge on security fundamentals such as types of threats, attack vectors, network vulnerabilities and attacks, user authentication, permissions, password policies, audit policies, cryptography, internet security, wireless security, and core security principles
- Working knowledge on network fundamentals such as VPN, LAN, WAN, wireless network, network topologies, and access methods, switches, routers, protocols, and services such as OSI model, IPv4, IPv6, name resolutions, networking services, TCP/IP
- Good oral and written communication skills
- Strong attention to details, documentation, and organizational skills
**Join our high-performing team and enjoy these benefits**:
- Healthcare Insurance (HMO) & Life Insurance coverage from day 1 of employment
- Expanded maternity leave up to 120 days*
- Expanded paternity leave up to 30 days*
- Employee Stock Purchase Pan
- Loyalty and Christmas Gift
- Inclusion and Diversity Benefits
- Night Differential
- Allowances
- Car and housing plan
- Company-sponsored trainings like upskilling and certification
- Flexible Working Arrangements
- Healthy and Encouraging Work Environment
**TERMS AND CONDITIONS**
**Additional Information**:
The following documents will be asked as part of the pre-hiring requirements prior onboarding.
We recommend to prepare the requirements early to ensure on time onboarding.
Detailed discussion will take place during onboarding process as well as changes on the requirements as needed.
- Transcript of Records (TOR)
- Diploma (for graduates only) and/or Certificate of Graduation
- Certificate of Employment (COE) and/or SSS Employment History
- Government Documents:
- SSS ID and/or SSS Verification Form
- SSS Statement of Account (SOA)
- SSS Certificate of Contribution
- Pag-IBIG Member's Data Record (MDR)
- Philhealth ID and/or Philhealth Member Data Record (MDR)
- TIN ID and/or Processed BIR Form 1905 or any BIR documents reflecting your TIN and with BIR Stamped
- NSO Birth Certificate
**Salary**: Php42,000.00 - Php145,000.00 per month
**Benefits**:
- Company Christmas gift
- Company events
- Employee stock ownership plan
- Gym membership
- Health insurance
- Paid training
Schedule:
- 8 hour shift
- Rotational shift
Supplemental Pay:
- 13th month salary
- Overtime pay
- Performance bonus