Information Security Manager

About the Company

PhilWeb is a publicly listed company and the leading gaming technology provider in the Philippines. It excels in the gaming industry by offering superior and innovative products while maintaining the highest standards of customer service. The company establishes strategic partnerships to ensure a fair, secure, and legal gaming experience for customers. Additionally, PhilWeb fosters a rewarding and dynamic work environment that attracts, retains, and motivates highly competent, passionate, and innovative individuals, delivering above-market value for shareholders.

Job Title: Information Security Manager

Reports To: VP of Information Technology

Job Summary:

The Information Security Manager has the responsibility for managing the day-to-day operations and personnel in-charge of the development and implementation of the organization's various information security programs and will be responsible for all ongoing activities, projects and initiatives that serve to provide appropriate access and protect the confidentiality, integrity and availability of the network, applications, employees, and business information in compliance with organization policies and globally acceptable best practices and standards.

Working closely with the rest of the I.T. group, the 'Infosec Team' helps resolves technical issues pertaining to information security as well as provide human and material resources to complete assigned I.T. projects, initiatives and tasks.

Key Responsibilities:

• Create, maintain, Implement, and enforce an organization wide information security policy.
• Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager
• Provides direct training and oversight to all employees, affiliates, alliances, or other third parties, ensuring proper information security clearance in accordance with established organizational information security policies and procedures
• Initiates, facilitates, and promotes activities to create information security awareness within the organization
• Establish, manage, and perform information security risk assessments and serve as an internal auditor for security issues.
• Periodically review all network and system related security plans of the entire organization.
• Coordinates and inform/update the activities to the VP for Information of Technology
• Coordinates with 3rd party service providers and external organizations for information security requirements
• Advises the organization with current information about information security technologies and related regulatory issues.
• Monitors internal control systems to ensure that appropriate access levels are maintained
• Create, maintain, and implement a comprehensive disaster recovery and business continuity plan covering the vital information technology resources of the organization.
• Make the organization compliant with International Information Security Standards such as ISO and the like.
• Conduct periodic vulnerability assessment of all vital information technology resources and apply appropriate fixes or remedies to close potential risks.
• Manage the entire I.T. Information Security group by providing leadership, guidance, and developing programs and activities that will enhance productivity, increase work efficiency, improve morale, enhance camaraderie, and promote the well-being of each employee.
• Establish and administer the annual information security program budget and determine appropriate spending of the funds for the fiscal year.
• Maintain on-going professional development and obtain relevant education and certification for himself/herself and his/her qualified staff.

Qualifications & Experience:

• At least eight (8) years' experience in a combination of risk management, information security and IT jobs
• Solid communication skills to translate technical jargons to business-related decisions for management and clients
• Knowledge in Information Security Management frameworks
• Knowledge and experience in IT Infrastructure and Development
• Knowledge and experience in IT Operations with focus on IT Security
• Knowledge and experience in Cloud Computing
• Understanding of technologies, trends related to Information Security Management
• Can work independently
• Professional security management certification is an advantage
• Experience in managing organization compliance under ISO 27001 will be an advantage

Education: Bachelor's degree in information technology, Computer Science, Computer Engineering

Working Conditions: Office setting with a possibility of remote work arrangements.

Benefits: Health insurance, life insurance, paid time off, and opportunities for professional development.

Job Level & Salary Range

• Managerial Level
• Competitive salary, commensurate with experience.