Cybersecurity Security Assessment Lead
3 weeks ago
Cybersecurity / Information Security Roles in Philippines (Representative Openings)
Information Security Lead
Posted today
Job DescriptionJob Roles and Responsibilities
I. Strategic Leadership and Governance:
- Develop and Execute Security Strategy: Lead the formulation, implementation, and continuous improvement of the BPO's information security strategy, aligning it with business objectives, client requirements, and regulatory compliance.
- Policy and Procedure Development: Create, maintain, and enforce comprehensive information security policies, procedures, and standards (e.g., access control, data handling, incident response, remote work security) that adhere to industry best practices and client SLAs.
- Conduct regular risk assessments to identify, analyze, and prioritize security vulnerabilities and threats across systems, networks, applications, and processes.
- Develop and implement mitigation plans to address identified risks, recommending appropriate security controls and technologies.
- Compliance and Regulatory Adherence: Ensure compliance with relevant data protection regulations (e.g., GDPR, HIPAA, PCI-DSS, local Philippine privacy laws) and oversee audits (e.g., ISO 27001, NIST) with management reports for clients.
- Budget Management: Contribute to the development and management of the information security budget for tools, training, and personnel.
II. Operational Security Management:
- Incident Response and Management: Develop and lead the IRP, coordinate investigations, communicate status to stakeholders, and conduct tabletop exercises.
- Vulnerability Management: Lead vulnerability assessments and remediation, and analyze threat reports to pre-emptively protect the organization.
- Security Monitoring and Operations: Oversee continuous monitoring using SIEM tools; maintain security tools (firewalls, IDS/IPS, antivirus, DLP).
- Access Control Management: Enforce robust access control policies, ensuring only authorized personnel access sensitive data, especially in multi-client environments.
- Data Protection and Privacy: Implement measures for data confidentiality, integrity, and availability, including encryption, storage, backup and DR plans.
- Vendor Security Management: Assess third-party security posture and coordinate risk mitigation with vendors.
III. Team Leadership and Development:
- Lead and Mentor: Manage a team of security professionals and foster a security-first culture.
- Security Awareness and Training: Develop programs to improve security awareness across all employees (e.g., phishing awareness).
- Collaboration: Work with IT, operations, legal, HR, and client-facing teams to integrate security into operations.
IV. BPO-Specific Considerations:
- Client Relationship Management: Serve as a primary contact for information security matters, audits, and client-specific security concerns.
- Multi-Tenancy Security: Manage data security across multiple clients within shared infrastructure with proper segregation.
- SLAs & Global Standards: Ensure security practices meet client SLAs and align with global standards and regulations.
Job Qualifications:
- Bachelor's degree in a related field; experience in risk management, incident response, and compliance.
- Familiarity with security frameworks (ISO 27001, NIST, PCI-DSS) and cloud security (AWS, Azure).
- Experience with incident management, breach investigations, and response planning.
- Strong communication and leadership skills; ability to drive cross-functional initiatives.
- Security certifications (e.g., CISSP, CISM, CISA) are a plus.
What You’ll Enjoy:
- Competitive salary and benefits
- Career growth and learning opportunities
- Opportunities to collaborate with global leaders
Information Security Lead Auditor
Posted 1 day ago
Job DescriptionLead Auditor will conduct ISO 27001 audits and assessments for client organizations, evaluating controls and guiding improvements to achieve compliance.
- Develop audit plans; conduct on-site audits; document findings and non-conformities.
- Provide recommendations to strengthen ISMS and support ISO 27001 certification efforts.
- Communicate results to client management; stay updated on ISO standards.
- Travel locally and internationally as required; certifications such as ISO 27001 Lead Auditor preferred.
Qualifications:
- Bachelor’s degree in Information Security, IT Management, or related field.
- ISO 27001 Lead Auditor certification or equivalent; 2-4 years IT auditing or related experience.
- Strong knowledge of ISO 27001 controls; excellent report writing and client-facing skills.
- Ability to travel up to 30% (including international).
Information Security Manager
Posted 1 day ago
Job DescriptionOverview: Oversee the implementation and maintenance of the organization’s information security strategy; ensure risk management, incident response, and regulatory alignment; promote security awareness.
- Security Governance & Strategy: Develop, implement, and maintain security policies and procedures; align with regulatory requirements; support audits against ISO 27001, NIST, GDPR.
- Risk & Vulnerability Management: Conduct risk assessments and vulnerability scans; maintain risk register; oversee remediation plans.
- Security Operations: Monitor tools (SIEM, firewalls, DLP); lead incident response and investigations; coordinate patching and hardening.
- Identity & Access Management: Manage access controls and MFA implementations.
- Security Awareness & Training: Develop employee security education programs.
- Project & Vendor Security: Provide security oversight for IT projects; review third-party security contracts.
What Our Client Looks For:
- Bachelor’s degree; Master’s preferred; ISO 27001, NIST, COBIT knowledge; cloud security experience.
- Strong leadership and communication skills; ability to influence across functions.
- Preferred certifications: CISM, CISSP, ISO 27001 Lead Implementer/Auditor, CompTIA Security+, CEH.
Location and logistics vary by client engagement.
Information Security Analyst
Posted 1 day ago
Job DescriptionInformation Security Analyst – Incident Investigation
Location: Cyber Security Operations Center
Division: Cyber Security Investigation and Threat Intel
Role: Investigate incidents, collect evidence, draft incident and threat intelligence reports, coordinate with HR, Legal, Compliance, and other teams; stay updated on security trends.
- Requirements: Bachelor’s in IT/Engineering or related; 4–8 years in cybersecurity with incident investigation and threat intel experience.
- Skills: Incident response, digital forensics, malware analysis, TCP/IP, Linux/Windows; experience with Splunk/ELK/YARA, etc.
What Sets You Apart: Deep incident investigation and threat intelligence expertise; ability to work under pressure.
OpenText – Manager, Information Security (Manager, SOC)
Posted 1 day ago
Job DescriptionOverview: Manager of Security Operations Center (SOC) within the Information Protection Center; oversee SOC operations, incident response, and coordination with client teams; typically 8-5pm EST.
- Define and grow SOC services; lead significant incident responses; collaborate with client teams for issue resolution.
- Organize assessments of security controls; manage resources and dashboards; develop SOPs; interface with internal audit and compliance.
- Lead risk assessments for policy deviations and ensure staffing coverage.
Qualifications:
- 7+ years information security; 4+ years in SOC; 3+ years management experience.
- CISSP, CISA, CISM, or similar preferred.
- BS in CS/ Cyber Security; strong communication and leadership skills.
Note: Some sections include vendor disclosures and corporate policy language.
Information Security Analyst
Posted 1 day ago
Job DescriptionIncident Investigation – Information Security Analyst
What You’ll Do: Collect and analyze evidence, draft incident and threat intel reports, coordinate with internal teams, and stay current on global security trends.
- Requirements: 4–8 years in cybersecurity with incident investigation and threat intel; degree in IT/Engineering or related field.
- Skills: Incident response, forensics, malware analysis; familiarity with security tools (Splunk, ELK, etc.).
What Sets You Apart: Expertise in incident investigation and threat intel; ability to work under pressure.
What Locations Can I Find These Jobs In?
This page lists multiple openings; locations vary by role and client.
#J-18808-Ljbffr-
Risk And Security Assessment Consultant
3 weeks ago
, Metro Manila, Philippines Buscojobs Full timeJob descriptions and qualifications provided below have been reformatted for clarity and corrected structure while preserving the original information. Security Risk Assessment Consultant Location: Mandaluyong, National Capital RegionSalary: ₱ - ₱ Employer: Bank of Commerce (Philippines) Job Summary: Oversee employees, consultants, subsidiaries and...
-
Cybersecurity Operations Team Lead
5 days ago
, , Philippines ePLDT, Inc. Full timeCybersecurity Operations Team Lead The Cybersecurity Operations Team Lead is responsible for overseeing day-to-day operational compliance with defined Service Level Agreements (SLAs), Service Level Objectives (SLOs), and Key Performance Indicators (KPIs) across the MSS team. This role ensures that team members deliver services within scope and timelines...
-
Lead, Security Threat and Exposure Specialist
3 weeks ago
, Metro Manila, Philippines GCash Full timeOverview Lead, Security Threat and Exposure Specialist at GCash Join to apply for the Lead, Security Threat and Exposure Specialist role at GCash Responsibilities Identify and communicate current and emerging cybersecurity and fraud threats and risks that are relevant to GCASH. Design cybersecurity and fraud management architecture elements for GCASH to...
-
Cybersecurity Operations Team Lead
4 weeks ago
, , Philippines ePLDT Full timeOverview The Cybersecurity Operations Team Lead is responsible for overseeing day-to-day operational compliance with defined Service Level Agreements (SLAs), Service Level Objectives (SLOs), and Key Performance Indicators (KPIs) across the MSS team. This role ensures that team members deliver services within scope and timelines, while also actively...
-
Lead Security Analyst
3 weeks ago
, Metro Manila, Philippines Buscojobs Full timeVulnerability Management Analyst IntroductionWe are seeking for a Vulnerability Management Analyst to support daily operations of our vulnerability assessment platform. This role involves executing scheduled scans, managing asset groupings, tracking remediation efforts, and generating dashboards and reports. The ideal candidate is detail-oriented,...
-
Cybersecurity Awareness Admin
3 weeks ago
, Metro Manila, Philippines Buscojobs Full timeOverview Cybersecurity Awareness Admin jobs in Caloocan Posted 1 day ago Job Description Job Title: Third Party Security Analyst Location: Sta. Rosa Laguna (Old National Highway Tagapo) Employment Type: Full-Time Job Overview Join our Third Party Security (TPS) team and play a critical role in protecting organizational assets by identifying, assessing, and...
-
Cybersecurity Project Manager
2 weeks ago
, , Philippines Ciena Full timeOverview As the global leader in high-speed connectivity, Ciena is committed to a people-first approach. Our teams enjoy a culture focused on prioritizing a flexible work environment that empowers individual growth, well-being, and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful...
-
Application Security Team Lead
3 weeks ago
, Metro Manila, Philippines Buscojobs Full timeApplication Security Team Lead Location: Mandaluyong/Pasig area (as per original), Salary: ₱ - ₱ , Employer: Meralco Industrial Engineering Services Corporation Job Description Job Title: Application Security Lead Responsibilities Develops and implements cybersecurity strategies, policies, procedures, and incident response plans, ensuring alignment with...
-
Cyber Security Analyst
3 weeks ago
, Metro Manila, Philippines Buscojobs Full timeCyber Security Analyst – Muntinlupa Posted today Overview Responsibilities and requirements from multiple postings compiled below. This description includes cybersecurity analyst responsibilities, incident response, vulnerability assessment, and related qualifications commonly required for roles in Muntinlupa/Metro Manila. Roles may be onsite with 24/7...
-
Project Manager
3 weeks ago
, , Philippines Ciena Full timeAs the global leader in high-speed connectivity, Ciena is committed to a people-first approach. Our teams enjoy a culture focused on prioritizing a flexible work environment that empowers individual growth, well-being, and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social,...