Security & Privacy Analyst

6 days ago


Manila, National Capital Region, Philippines Countable Web Productions Full time ₱1,920,000 - ₱2,520,000 per year

Company: Cortico – Healthcare solutions for providers and patients

Are you passionate about security and privacy? Do you have a talent for aligning compliance frameworks with business goals, ensuring processes empower employees rather than burden them? If so, we'd love to meet you

We are seeking an Information Security & Privacy Compliance Manager to lead our efforts in maintaining strong security and privacy practices across the organization. This role requires a mix of technical know-how, strong written communication skills, and experience with privacy and security frameworks such as ISO 27001, SOC 2 Type 2, and HIPAA.

Responsibilities

  • Lead Compliance Initiatives:
  • Ensure compliance with ISO 27001, SOC 2 Type 2, and HIPAA standards.
  • Design security processes and policies that align with real business needs and empower employees.
  • Privacy and Security Governance:
  • Maintain and improve privacy policies and practices in accordance with evolving regulations.
  • Collaborate with teams to develop workflows that protect sensitive data while remaining practical and efficient.
  • Vendor & Contractor Management:
  • Manage relationships with security contractors, including pentesters, ensuring timely and thorough vulnerability assessments.
  • Assess vendor compliance with internal security requirements and industry standards.
  • Incident Response & Risk Management
  • Oversee the identification, tracking, and resolution of vulnerabilities from internal and external assessments.
  • Develop incident response protocols and lead tabletop exercises with cross-functional teams.
  • Training & Communication:
  • Deliver engaging security and privacy awareness training to internal teams.
  • Draft clear, concise security policies and documentation that are easy for employees to understand and apply.

Required Skills and experience

  • Excellent written communication skills:
  • Ability to translate complex security and compliance topics into clear, actionable guidance for various audiences.
  • Experience with privacy and security frameworks:
  • In-depth knowledge of ISO 27001, SOC 2 Type 2, HIPAA, and other relevant frameworks.
  • Practical experience aligning compliance work with business needs and minimizing friction for employees.
  • Understanding of web application security:
  • Familiarity with common web vulnerabilities and basic penetration testing concepts (e.g., OWASP Top 10, vulnerability scanning).
  • Ability to manage security contractors, assess their deliverables, and interpret the results of pentests and security audits.
  • Risk Management Expertise:
  • Proven ability to assess risks, identify mitigation strategies, and prioritize initiatives for optimal business impact.
  • Bonus Skills: Hands-on experience with penetration testing, threat modeling, or vulnerability management tools.

Nice to Have:

  • Tier 2 (troubleshooting)
  • Dev Ops (linux / deployment automation)
  • Technical writing
  • Proposal writing
  • Compliance management
  • Information security (pentesting / red teaming / NIST / vuln scanning)
  • Design QA
  • User research
  • Data engineering
  • QA testing
  • Grant management

Why Join Us?

  • A collaborative environment where security is seen as a business enabler, not a blocker.
  • Opportunities to shape policies that not only ensure compliance but also help employees work more effectively.
  • The chance to work with passionate teams committed to building secure, privacy-conscious solutions.

Benefits: https://countable-

Note: Your application must include a resume, and a cover letter. To avoid automated submissions, and to see if you pay attention to detail and follow instructions, your cover letter must be exactly 100 words.

Important: This job post is for a full-time position only. Before applying, please ensure you are available and interested in committing to a full-time work schedule and you don't plan to have other full-time engagement in another company.

Job Types: Full-time, Permanent

Pay: Php40, Php45,000.00 per month

Benefits:

  • Company events
  • Work from home

Application Question(s):

  • Did you see this job on Cortico website? (Yes or No)
  • Enter your cover letter here or submit a file, a cover letter is a requirement.

Education:

  • Bachelor's (Preferred)

Experience:

  • Risk Management Expertise: 1 year (Required)
  • Vulnerability Management Tools: 1 year (Preferred)
  • ISO 27001, SOC 2 Type 2, and HIPAA: 1 year (Required)
  • Privacy and Security Governance: 1 year (Required)
  • Vendor & Contractor Management: 1 year (Required)
  • Incident Response & Risk Management: 1 year (Required)
  • OWASP Top 10, vulnerability scanning: 1 year (Required)
  • Penetration testing, Threat Modeling: 1 year (Preferred)

Language:

  • English at a Professional or Business level (Required)
  • English (Required)

  • Security Analyst

    17 hours ago


    Manila, National Capital Region, Philippines blueAPACHE Full time ₱1,200,000 - ₱3,600,000 per year

    About usblueAPACHE is an Australian owned award-winning Managed Service Provider, recognised for the 5th year running, as Mid-Market Partner of the Year at the ARN Innovation Awards.We pride ourselves on being a genuinely great place to work, with a vibrant culture, clear vision, and strong leadership. When joining blueAPACHE, you are joining an organisation...


  • Manila, National Capital Region, Philippines Five9 Full time ₱900,000 - ₱1,200,000 per year

    Join us in bringing joy to customer experience. Five9 is a leading provider of cloud contact center software, bringing the power of cloud innovation to customers worldwide.Living our values everyday results in our team-first culture and enables us to innovate, grow, and thrive while enjoying the journey together. We celebrate diversity and foster an...


  • Manila, National Capital Region, Philippines QBE Insurance Group Full time ₱60,000 - ₱120,000 per year

    Primary DetailsTime Type: Full timeWorker Type: EmployeeWe are seeking a highly skilled and motivated Senior Security Analyst to join our Global Security Operations Centre based in the Philippines. Reporting to the Global Security Operations Centre Lead, the Senior Security Analyst will be a key member of our rapidly growing Global team. This role is...

  • IT Security Analyst

    6 days ago


    Manila, National Capital Region, Philippines First Focus Full time ₱40,000 - ₱60,000 per year

    About First FocusFirst Focus is Australia's leading Managed Service Provider, with a team of over 300 technical professionals across Australia, New Zealand, and the Philippines. For over 15 years, we've delivered exceptional IT services and solutions, growing consistently and profitably. Our commitment to innovation and excellence has led to the expansion of...


  • Manila, National Capital Region, Philippines GCash Full time ₱1,500,000 - ₱2,500,000 per year

    Do you want to take the first step in making Filipinos' lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation G ka ba? Join the G Nation todayKey ResponsibilitiesConduct Privacy Impact Assessments (PIAs): Identify, evaluate, and...

  • Governance Analyst

    4 days ago


    Manila, National Capital Region, Philippines Private Advertiser Full time ₱300,000 - ₱600,000 per year

    As an IT Governance Analyst, you will support governance, compliance, and security-related initiatives within the IT department. Reporting to the Senior Director of Information Systems, this role is ideal for a detail-oriented and analytical professional who wants to grow into a Governance and Compliance Lead. You will start by assisting with SOC 2 audits,...


  • Manila, National Capital Region, Philippines SecureOps Full time ₱25,000 - ₱1,200,000 per year

    SOC - Cyber Security Analyst L1The primary responsibilities of the Level 1 Cyber Security Analyst are to sort, filter, analyze, qualify and escalate various cyber-security alerts inside log aggregation tools (SIEM) such as ArcSight, Splunk, and QRadar. The Analyst is also responsible for incident follow-up, process suggestions, and basic automation. This...


  • Manila, National Capital Region, Philippines Kroll Global Solutions Inc. Full time ₱1,200,000 - ₱2,400,000 per year

    Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you'll discover a supportive...


  • Manila, National Capital Region, Philippines Kroll Full time ₱900,000 - ₱1,200,000 per year

    Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you'll discover a supportive...


  • Manila, National Capital Region, Philippines Melco Resorts & Entertainment Full time ₱1,200,000 - ₱2,400,000 per year

    REQ12454 Senior Analyst, Cyber Security Operations (Open)Position SummaryThe Senior Analyst, Cyber Security Operations acts as a critical escalation point within the Cyber Security Operations Center (CSOC) team. He/she is responsible for advanced analysis, incident handling, and in-depth investigations of security events. The analyst serves as a mentor to...