MakatiDescription Job Description for Manila Risk Position: Point person for all things security-related
Track all security enhancement projects
Liaison for the company's Network Admin / Infrastructure team on security projects
Oversight of projects to ensure they are scoped and executed to our liking
Example of the 2 projects that Infrastructure Team is working on for us
MFA on the remote login in
Data Leak Prevention (Microsoft solution)
Advise on best practice security approach to developers
Work together with developers to ensure code is up to par
Ensure standards are met with Vulnerability Scans; Review the continues scans and remediate any issues within appropriate time frame
SOC 2 Audits
We are about to undergo a major SOC 2 Type 2 audit. Would need the person to be the project manager to make sure everything is in place to pass successfully
We want the person to ensure we meet the standards to successfully pass audits
Introduce new self-audits to ensure standards are maintained for external audits
Pen testing
Possible that he can do some of his own pen testing throughout the year
Liaison with the pen test auditors
Make sure that deadlines are being met
Security Assessments
We get at least 2 a month. The new hire would be responsible to make sure all assessments are properly answered
First set of eyes to respond to all questions
Once he understands how we respond, we would possibly put the person in charge so that there are no delays.
Ensure remediations are prioritized and addressed in a timely manner, and update policies & procedures based on findings
Recommend and implement changes based on the questions being asked
Maintain a catalogue of responses
Prepare security whitepapers
SV Security Policy and Procedures
Track, monitor and execute all security policies and procedures, oversee enforcement
Proposing new policies
We have many ideas that need to be added.
Overseeing the security infrastructure of the company's
We are always asked if we meet specific security frameworks (i.e. ISO). The security hire would ensure that we do and would enforce development to follow those frameworks.
Create print material and instructions for all available security features
FTP implementation instruction
Documentation on the required client infrastructure
Key Qualifications
candidates must obtain at least 5 years in IT Security.
Amenable to work in Makati City
Willing to work on a night shift work schedule
