Security Engineer

The role's primary focus is protecting the Firm's information security interests, leveraging advanced security tools and applications. As part of the Information Security Office (ISO), this role will work closely with technology functions to identify areas of improvement and supporting initiatives to promote information security within the organization.

Responsibilities

Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.

Troubleshooting Security and network related problems.

Responding to all system and/or network security issues.

Ensuring the organization's data and infrastructure are protected by enabling the appropriate security controls.

Participating in the change management process.

Testing and identifying network and/or system security vulnerabilities.

Evaluating the organization's security requirements and establishing best practices and standard accordingly.

Daily administrative tasks, reporting, and communication with the relevant stakeholders in the organization.

Required Qualifications

Bachelor's degree in information technology or similar IT related course.

Must have 5-12 years of Security Engineering experience including establishing and monitoring information security controls.

Proven and strong technical writing capability – be prepared to provide and/or discuss samples.

5+ years of real-world experience in one or more of the following security tools and technologies:

Microsoft Sentinel

Microsoft Defender Suites (Identity, Endpoint, Security, Cloud, others)

CyberArk Privileged Access Management (PAM)

Zscaler Cloud Security

Tenable Vulnerability Management

Physical Security

Excellent verbal and written communication skills, with the ability to coordinate effectively with vendors and global teams; strong administrative capabilities in task development, time management, and resource allocation to meet target deadlines.

Demonstrated troubleshooting, follow-through, and critical-thinking skills.

Have a high-level of risk intelligence and security awareness.

Relevant vendor and/or vendor neutral certification(s) such as Microsoft Security Operations Analyst (SC-200), Microsoft Cybersecurity Architect (SC-100), CyberArk Trustee / CyberArk Defender / CyberArk Sentry / CyberArk Guardian, Zscaler Digital Transformation Administrator (ZDTA) / Zscaler Digital Transformation Engineer (ZDTE), CASP+, ISC2 SSCP.

Work Shift and Arrangement

Embrace a dynamic work environment to work on a mid-shift (2:00PM-11:00PM PHT) or graveyard shift (11:00PM-8:00AM PHT).

On-call rotation participation.

Amenable to go on a hybrid working arrangement (at least 3 days work onsite per week) and work in Makati City.

#MIDSENIOR

#INFOSEC

#LI-MJ1

#LI-HYBRID

What You Can Expect from Us

At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally.

Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success.

Let's empower, collaborate, and inspire.

Let's be #BrilliantTogether.

About ISS STOXX

ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit.

Institutional Shareholder Services ("ISS") is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as "protected status"). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements.

time left to apply End Date: December 31, 2025 (30+ days left to apply)