Cybersecurity Security Assessment Lead

Cybersecurity / Information Security Roles in Philippines (Representative Openings)

Information Security Lead

Posted today

Job Description

Job Roles and Responsibilities

I. Strategic Leadership and Governance:

• Develop and Execute Security Strategy: Lead the formulation, implementation, and continuous improvement of the BPO's information security strategy, aligning it with business objectives, client requirements, and regulatory compliance.
• Policy and Procedure Development: Create, maintain, and enforce comprehensive information security policies, procedures, and standards (e.g., access control, data handling, incident response, remote work security) that adhere to industry best practices and client SLAs.
• Conduct regular risk assessments to identify, analyze, and prioritize security vulnerabilities and threats across systems, networks, applications, and processes.
• Develop and implement mitigation plans to address identified risks, recommending appropriate security controls and technologies.
• Compliance and Regulatory Adherence: Ensure compliance with relevant data protection regulations (e.g., GDPR, HIPAA, PCI-DSS, local Philippine privacy laws) and oversee audits (e.g., ISO 27001, NIST) with management reports for clients.
• Budget Management: Contribute to the development and management of the information security budget for tools, training, and personnel.

II. Operational Security Management:

• Incident Response and Management: Develop and lead the IRP, coordinate investigations, communicate status to stakeholders, and conduct tabletop exercises.
• Vulnerability Management: Lead vulnerability assessments and remediation, and analyze threat reports to pre-emptively protect the organization.
• Security Monitoring and Operations: Oversee continuous monitoring using SIEM tools; maintain security tools (firewalls, IDS/IPS, antivirus, DLP).
• Access Control Management: Enforce robust access control policies, ensuring only authorized personnel access sensitive data, especially in multi-client environments.
• Data Protection and Privacy: Implement measures for data confidentiality, integrity, and availability, including encryption, storage, backup and DR plans.
• Vendor Security Management: Assess third-party security posture and coordinate risk mitigation with vendors.

III. Team Leadership and Development:

• Lead and Mentor: Manage a team of security professionals and foster a security-first culture.
• Security Awareness and Training: Develop programs to improve security awareness across all employees (e.g., phishing awareness).
• Collaboration: Work with IT, operations, legal, HR, and client-facing teams to integrate security into operations.

IV. BPO-Specific Considerations:

• Client Relationship Management: Serve as a primary contact for information security matters, audits, and client-specific security concerns.
• Multi-Tenancy Security: Manage data security across multiple clients within shared infrastructure with proper segregation.
• SLAs & Global Standards: Ensure security practices meet client SLAs and align with global standards and regulations.

Job Qualifications:

• Bachelor's degree in a related field; experience in risk management, incident response, and compliance.
• Familiarity with security frameworks (ISO 27001, NIST, PCI-DSS) and cloud security (AWS, Azure).
• Experience with incident management, breach investigations, and response planning.
• Strong communication and leadership skills; ability to drive cross-functional initiatives.
• Security certifications (e.g., CISSP, CISM, CISA) are a plus.

What You’ll Enjoy:

• Competitive salary and benefits
• Career growth and learning opportunities
• Opportunities to collaborate with global leaders

Information Security Lead Auditor

Posted 1 day ago

Job Description

Lead Auditor will conduct ISO 27001 audits and assessments for client organizations, evaluating controls and guiding improvements to achieve compliance.

• Develop audit plans; conduct on-site audits; document findings and non-conformities.
• Provide recommendations to strengthen ISMS and support ISO 27001 certification efforts.
• Communicate results to client management; stay updated on ISO standards.
• Travel locally and internationally as required; certifications such as ISO 27001 Lead Auditor preferred.

Qualifications:

• Bachelor’s degree in Information Security, IT Management, or related field.
• ISO 27001 Lead Auditor certification or equivalent; 2-4 years IT auditing or related experience.
• Strong knowledge of ISO 27001 controls; excellent report writing and client-facing skills.
• Ability to travel up to 30% (including international).

Information Security Manager

Posted 1 day ago

Job Description

Overview: Oversee the implementation and maintenance of the organization’s information security strategy; ensure risk management, incident response, and regulatory alignment; promote security awareness.

• Security Governance & Strategy: Develop, implement, and maintain security policies and procedures; align with regulatory requirements; support audits against ISO 27001, NIST, GDPR.
• Risk & Vulnerability Management: Conduct risk assessments and vulnerability scans; maintain risk register; oversee remediation plans.
• Security Operations: Monitor tools (SIEM, firewalls, DLP); lead incident response and investigations; coordinate patching and hardening.
• Identity & Access Management: Manage access controls and MFA implementations.
• Security Awareness & Training: Develop employee security education programs.
• Project & Vendor Security: Provide security oversight for IT projects; review third-party security contracts.

What Our Client Looks For:

• Bachelor’s degree; Master’s preferred; ISO 27001, NIST, COBIT knowledge; cloud security experience.
• Strong leadership and communication skills; ability to influence across functions.
• Preferred certifications: CISM, CISSP, ISO 27001 Lead Implementer/Auditor, CompTIA Security+, CEH.

Location and logistics vary by client engagement.

Information Security Analyst

Posted 1 day ago

Job Description

Information Security Analyst – Incident Investigation

Location: Cyber Security Operations Center

Division: Cyber Security Investigation and Threat Intel

Role: Investigate incidents, collect evidence, draft incident and threat intelligence reports, coordinate with HR, Legal, Compliance, and other teams; stay updated on security trends.

• Requirements: Bachelor’s in IT/Engineering or related; 4–8 years in cybersecurity with incident investigation and threat intel experience.
• Skills: Incident response, digital forensics, malware analysis, TCP/IP, Linux/Windows; experience with Splunk/ELK/YARA, etc.

What Sets You Apart: Deep incident investigation and threat intelligence expertise; ability to work under pressure.

OpenText – Manager, Information Security (Manager, SOC)

Posted 1 day ago

Job Description

Overview: Manager of Security Operations Center (SOC) within the Information Protection Center; oversee SOC operations, incident response, and coordination with client teams; typically 8-5pm EST.

• Define and grow SOC services; lead significant incident responses; collaborate with client teams for issue resolution.
• Organize assessments of security controls; manage resources and dashboards; develop SOPs; interface with internal audit and compliance.
• Lead risk assessments for policy deviations and ensure staffing coverage.

Qualifications:

• 7+ years information security; 4+ years in SOC; 3+ years management experience.
• CISSP, CISA, CISM, or similar preferred.
• BS in CS/ Cyber Security; strong communication and leadership skills.

Note: Some sections include vendor disclosures and corporate policy language.

Information Security Analyst

Posted 1 day ago

Job Description

Incident Investigation – Information Security Analyst

What You’ll Do: Collect and analyze evidence, draft incident and threat intel reports, coordinate with internal teams, and stay current on global security trends.

• Requirements: 4–8 years in cybersecurity with incident investigation and threat intel; degree in IT/Engineering or related field.
• Skills: Incident response, forensics, malware analysis; familiarity with security tools (Splunk, ELK, etc.).

What Sets You Apart: Expertise in incident investigation and threat intel; ability to work under pressure.

What Locations Can I Find These Jobs In?

This page lists multiple openings; locations vary by role and client.

#J-18808-Ljbffr

---