Governance, Risk and Compliance Analyst

Protect. Prevent. Empower. Be a Cybersecurity Governance, Risk, and Threat Analyst at Smartsourcing and keep businesses safe, compliant, and resilient. Hi We're Smartsourcing and we're on the lookout for a full-time and onsite Cybersecurity Engineer . Here, we exist to protect what matters most—people, data, and trust. This role strengthens that mission by combining governance, risk management, and threat intelligence to keep businesses resilient. Where? JEG Tower, Archbishop Reyes, Corner Acacia St., Barangay Kamputhaw, Cebu City, 6000 Cebu About the Role The Cybersecurity Advocate, Risk & Threat Analyst, strengthens the organization’s security culture by combining awareness training, threat analysis, and compliance oversight. This role leads purple-team exercises, manages incidents, and drives security-first behavior to reduce risk and ensure regulatory alignment. Key Responsibilities Maintenance of Governance Framework Develop, update, and assist in the enforcement of cybersecurity policies, standards, and guidelines aligned with business objectives and regulatory frameworks. Management of cybersecurity process workflows. Cybersecurity Awareness & Training Coordinate and deliver internal communication on cybersecurity awareness, updates, critical alerts and cybersecurity posture. Lead cybersecurity awareness training across departments, ensuring higher participation rates. Facilitate phishing simulations and training feedback loops. Ensure communication plans are tested and aligned with organizational policies. Ensure communication plans and cybersecurity training programs are tested and aligned with organizational policies and compliance requirements. Threat and Risk Management Advise internal stakeholders on emerging risks and proactive mitigation strategies. Track and manage incidents ensuring incidents have updated documentation and reporting. Maintain compliance rates for Keeper usage, breach watch alerts and engagement across teams. Provide policy enforcement and support to all Departments Champion secure behavior, working closely with functional team leads to embed controls in day-to-day operations. Supports risk identification, assessment, and mitigation tracking. Perform and assist internal departments in business assessments to analyse risks and opportunities through appropriate tools. Compliance, Audit & Reporting Champion compliance efforts across the business Lead compliance checks and audit preparation aligned with ISO 27001 and other regulatory standards. Produce structured reports for audits, team metrics, training KPIs, and incident summaries. Support documentation updates related to ISMS and audit tracking. Requirements KNOWLEDGE & EXPERIENCE: Knowledge of threat detection and purple teaming concepts Experience in coordinating or delivering cybersecurity awareness training Familiarity with password management and security alert systems (e.g. Keeper) Working knowledge of ISO 27001 and regulatory frameworks Knowledge of incident management and SLA-based resolution practices Strong report-writing and KPI tracking experience Strong technical communication skills Solid understanding of the NIST Cybersecurity Framework Solid knowledge of threat intelligence and frameworks such as MITRE ATT&CK SKILLS: Effective communicator, with strong written and verbal presentation skills Ability to lead cross-departmental training programs Strong understanding of threat remediation tools and techniques Organized, with strong attention to documentation and audit-readiness Comfortable leading purple-team simulations and collaboration Capable of interpreting metrics and adapting strategy based on findings Able to interact with stakeholders in cross-functional teams. Good team player interested in sharing knowledge and cross-training other team members and shows interest in learning new technologies and products. Ability to create documents of quality. Step Into the Smartsourcing Experience Smartsourcing was created with one mission: to change lives. We’re here to ensure that businesses flourish and, just as importantly, that every member of the crew is inspired, supported, and set up to thrive. For the fourth year running, we’ve been recognized as one of HR Asia’s Best Companies to Work For. This award isn’t just a title—it’s a testament to our commitment to making Smartsourcing an incredible place to build a career. Why You’ll Love Working Here At Smartsourcing, we believe the best work comes from people who feel seen, heard, and valued. That’s why we’re all about fostering an environment where you can be your true self. We take pride in being certified as a Great Place to Work because we know that when you love where you work, extraordinary things happen. Here’s just a glimpse of what we offer: