Cybersecurity Engineer

The Cybersecurity Engineer is responsible for designing, implementing, and maintaining security controls and preventive technologies to safeguard the company's IT infrastructure, web services, and data assets. The role involves conducting security reviews, monitoring compliance with established policies, setting up access control processes, and ensuring timely follow-up on security gaps.

Responsibilities:

● Preventive Security Implementation

○ Deploy and manage security technologies (firewalls, endpoint protection, IDS/IPS, vulnerability scanners, SIEM, MFA, etc.).

○ Define and enforce security baselines for systems, networks, and applications.

○ Conduct security hardening and patch management.

● Security Review & Risk Assessment

○ Perform regular security assessments, including vulnerability scans and penetration testing coordination.

○ Lead risk reviews for new systems, projects, and vendor solutions.

○ Document risks, recommendations, and remediation actions.

● Monitoring & Incident Prevention

○ Establish and manage continuous monitoring processes for threats, logs, and alerts.

○ Ensure timely response and escalation of potential security incidents.

○ Track remediation status and follow up with responsible teams.

● Access Control & Privilege Management

○ Define and maintain an access review calendar (quarterly/semi-annual/annual).

○ Review privileged access accounts and enforce least-privilege principles.

○ Follow up on anomalies and non-compliance cases.

● Compliance & Policy Adherence

○ Assist in ensuring compliance with internal policies and external standards (ISO 27001, GDPR, HIPAA, SOC2, etc., as applicable).

○ Support audits by providing security documentation and evidence.

● Awareness & Training

○ Conduct periodic security awareness sessions for IT and business teams.

○ Provide technical guidance to engineers and supervisors on secure practices.

Prepared Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience).
• Minimum 3+ years of relevant experience in system security, IT operations, or cybersecurity roles.
• Relevant certifications preferred: CompTIA Security+, CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), CISM, or GIAC.
• Cloud-related certifications (e.g., AWS Security Specialty, Microsoft Azure Security Engineer) are an advantage.
• Strong knowledge of network security principles, firewalls, VPNs, IDS/IPS, endpoint protection, and SIEM tools.
• Hands-on experience with vulnerability management, penetration testing tools, and log analysis.
• Familiarity with identity and access management (IAM), MFA, and privileged access management (PAM).
• Proficiency in Linux and Windows system administration from a security perspective.
• Knowledge of web application security concepts (OWASP Top 10, API security, encryption standards).
• Experience implementing or supporting compliance frameworks (e.g., ISO 27001, SOC 2, GDPR, HIPAA).
• Basic to intermediate scripting skills (Python, Bash, PowerShell) for automation/security tooling is a plus.
• Strong analytical and problem-solving skills, with ability to interpret security data and recommend actions.
• Ability to prioritize and manage multiple security tasks under pressure.
• Strong communication skills to explain technical risks to non-technical stakeholders.
• Detail-oriented, with a mindset for risk prevention rather than only incident response.
• Capable of working independently while collaborating effectively with IT, operations, and business units.
• Hands-on experience with security monitoring, access reviews, and incident management.
• Prior experience in a web service or cloud-based environment preferred.

Benefits:

• Training and Development Programs
• Unlimited Career advancement opportunities
• Transportation Incentive
• Health Care Plan (HMO) with Dental and Vision upon regularization
• Group Life and Accident Insurance upon regularization
• Sick and Vacation Leave upon regularization. ALL unused sick leave credits are commutable to their cash equivalent based on the basic salary equivalent at the end of the year and will be distributed before the end of the first quarter of the succeeding year.
• Bereavement Leave of 3 days upon regularization
• Healthy and Encouraging Work Environment
• 13th Month Pay as mandated by the Philippine Government
• Government Mandated Benefits (SSS,PHIC and Pag-ibig)

Job Type: Full-time

Work Location: In person