Cybersecurity Governance, Risk, and Threat Analyst

Protect. Prevent. Empower. Be a Cybersecurity Governance, Risk, and Threat Analyst at Smartsourcing and keep businesses safe, compliant, and resilient.

Hi We're Smartsourcing and we're on the lookout for a full-time and onsite Cybersecurity Analyst. Here, we exist to protect what matters most—people, data, and trust. This role strengthens that mission by combining governance, risk management, and threat intelligence to keep businesses resilient.

Where? JEG Tower, Archbishop Reyes, Corner Acacia St., Barangay Kamputhaw, Cebu City, 6000 Cebu

The Cybersecurity Advocate, Risk & Threat Analyst strengthens the organization's security culture by combining awareness training, threat analysis, and compliance oversight. This role leads purple-team exercises, manages incidents, and drives security-first behavior to reduce risk and ensure regulatory alignment.

Maintenance of Governance Framework

• Develop, update, and assist in the enforcement cybersecurity policies, standards, and guidelines aligned with business objectives and regulatory frameworks.
• Management of cybersecurity process workflows.

Cybersecurity Awareness & Training

• Coordinate and deliver internal communication on cybersecurity awareness, updates, critical alerts and cybersecurity posture.
• Lead cybersecurity awareness training across departments, ensuring higher participation rates.
• Facilitate phishing simulations and training feedback loops.
• Ensure communication plans are tested and aligned with organizational policies.
• Ensure communication plans and cybersecurity training programs are tested and aligned with organizational policies and compliance requirements.

Threat and Risk Management

• Advise internal stakeholders on emerging risks and proactive mitigation strategies.
• Track and manage incidents ensuring incidents have updated documentation and reporting.
• Maintain compliance rates for Keeper usage, breach watch alerts and engagement across teams.
• Provide policy enforcement and support to all Departments
• Champion secure behavior, working closely with functional team leads to embed controls in day-to-day operations.
• Supports risk identification, assessment, and mitigation tracking.
• Perform and assist internal departments in business assessments to analyse risks and opportunities through appropriate tools.

Compliance, Audit & Reporting

• Champion compliance efforts across the business
• Lead compliance checks and audit preparation aligned with ISO 27001 and other regulatory standards.
• Produce structured reports for audits, team metrics, training KPIs, and incident summaries.
• Support documentation updates related to ISMS and audit tracking.

• Knowledge of threat detection and purple teaming concepts
• Experience in coordinating or delivering cybersecurity awareness training
• Familiarity with password management and security alert systems (e.g. Keeper)
• Working knowledge of ISO 27001 and regulatory frameworks
• Knowledge of incident management and SLA-based resolution practices
• Strong report-writing and KPI tracking experience
• Strong technical communication skills
• Solid understanding of the NIST Cybersecurity Framework
• Solid knowledge of threat intelligence and frameworks such as MITRE ATT&CK

• Effective communicator, with strong written and verbal presentation skills
• Ability to lead cross-departmental training programs
• Strong understanding of threat remediation tools and techniques
• Organized, with strong attention to documentation and audit-readiness
• Comfortable leading purple-team simulations and collaboration
• Capable of interpreting metrics and adapting strategy based on findings
• Able to interact with stakeholders in cross-functional teams.
• Good team player interested in sharing knowledge and cross-training other team members and shows interest in learning new technologies and products.
• Ability to create documents of quality.

Step Into the Smartsourcing Experience

Smartsourcing was created with one mission: to change lives. We're here to ensure that businesses flourish and, just as importantly, that every member of the crew is inspired, supported, and set up to thrive. For the fourth year running, we've been recognized as one of HR Asia's Best Companies to Work For. This award isn't just a title—it's a testament to our commitment to making Smartsourcing an incredible place to build a career.Why You'll Love Working Here

At Smartsourcing, we believe the best work comes from people who feel seen, heard, and valued. That's why we're all about fostering an environment where you can be your true self. We take pride in being certified as a Great Place to Work, because we know that when you love where you work, extraordinary things happen. Here's just a glimpse of what we offer:

• Weekends are yours (we respect your time off)
• 5-day Christmas Leave (unwrap real time off)
• Healthcare from Day 1 for you and your family (because healthcare matters)
• Free lunch and barista-crafted coffee daily (we take our caffeine seriously)
• Night shift differential for evening schedules
• Subsidized gym membership and sports wellness clubs including hiking and free-diving
• Smartsourcing Exclusives (deals made just for you)
• Themed BFFs, monthly knockoffs, summer parties

• Community give-back programs and personal development workshops

• And so much more

We're not just another outsourcing company. We're building something that actually matters here – a place where good work meets good culture.

Secure your future while securing others. Apply now at Smartsourcing.