Security Governance Analyst

Employment type
: Permanent

Location
: Makati City, Metro Manila

Work setup
: Hybrid (open to 2x a week in the office)

Work schedule
: 3PM to 11PM Manila Time

Pay range
: Php 35,000 to Php 47,000

Discover a world of endless possibilities with Cambridge University Press & Assessment, a distinguished global academic publisher and assessment organisation proudly affiliated with the prestigious University of Cambridge.

We are seeking a detail-oriented and committed Security Governance Analyst to join our Manila-based Group Security Team at Cambridge University Press & Assessment. This role supports the Head of Security GRC in advancing security governance practices, ensuring policy compliance, and strengthening supplier risk assurance across the organisation. You'll contribute to internal audits, policy development, and supplier assessments, helping maintain regulatory alignment and operational security excellence.
Why Cambridge?
At Cambridge, our unwavering commitment is to excel in education, learning, and research on a global scale. With a presence in over 170 countries, we empower millions of individuals, unlocking their potential and enabling their success. From dedicated teachers shaping young minds to visionary researchers pushing the boundaries of knowledge, we embody a relentless pursuit of enlightenment, curiosity, and understanding.

We embrace change as an opportunity for growth and progress, constantly adapting to meet the evolving needs of our customers. Collaboration and attentive listening are at the heart of our journey, as we work hand in hand with our customers and each other to innovate and discover more effective ways to achieve our goals. We believe people thrive in an environment where Trust and Empowerment are at the forefront, which is why all our new team members are provided regularisation on their first day so they can start #PursuingPotential from day one.

Joining Cambridge means becoming a part of an extraordinary institution renowned worldwide. Beyond that, you'll become a part of a vibrant and forward-thinking community that transcends tradition, fostering a culture of continuous growth and personal development. Here, we provide the right environment for you to thrive, supporting your professional journey and empowering you to reach your highest potential, that is why our pay philosophy is intricately tied to your skills and competencies, ensuring that your compensation aligns with the unique value you bring to the role you are applying for.

What can you get from Cambridge?
In this role, you'll have the opportunity to collaborate with colleagues from diverse branches, expanding your horizons and enriching your understanding of different cultures. We value your wellbeing and offer stability, fostering your professional and personal growth through internal and external activities and training sessions to help enrich your skillset.

Enjoy work-life balance flexibility through our range of options, including flexible schedules, hybrid work arrangements, and generous paid leave. As a regular employee on Day One, you'll have access to comprehensive healthcare benefits, ensuring your peace of mind with coverage for dependents, group life insurance, and robust well-being programs.

What will you do as a Security Governance Analyst?
As a Security Governance Analyst, you will help shape and maintain our security governance posture across internal teams and third-party suppliers.

Your responsibilities will include:

• Supporting the development and documentation of security policies and ISMS improvements.
• Assisting with internal and external security audits, including ISO 27001 and Cyber Essentials.
• Supporting the supplier security assurance process, including onboarding, assessments, and monitoring.
• Collaborating on compliance tracking and regulatory reporting.
• Promoting security awareness through campaigns and simulations.
• Contributing to risk identification and mitigation activities across the organisation.

What makes you the ideal candidate for this role?
The following will help you excel in this role:

• A degree and 2+ years of experience in a GRC within Information Security.
• Strong working knowledge of ISO 27001, ISO 27005, Cyber Essentials, and supply chain security.
• Certifications in ISO 27001 Foundation, CRISC, or equivalent are a plus.
• Ability to manage multiple tasks with high attention to detail.
• Effective communicator with the ability to explain technical matters to diverse stakeholders.
• Proactive, collaborative, and eager to support continuous improvement in governance and risk practices.

If you are passionate about cybersecurity governance and take pride in building secure, compliant, and well-audited environments, we would love to hear from you. Join us in strengthening our security foundations and making a lasting impact across our global operations.

Deadline of application submission is on July 3, 2025, but may close early if we receive sufficient applications. Therefore, if you are interested, please submit your application as early as possible. Whilst not essential, it is very advantageous if you submit a Cover Letter alongside your CV.