Information Security Officer

We're Hiring: Information Security Officer!

As an Information Security Officer, you will be responsible for managing and implementing the organization’s information security system across all our global operations. Your role will involve collaborating across teams to integrate security practices, conducting regular audits and risk assessments, and administering security tools. You will also handle incident response and management, policy development, threat and vulnerability management, IT infrastructure security, data protection, and audit management. This role requires strong knowledge and experience with ISO:27001, and familiarity with other cybersecurity frameworks is advantageous.

Location: Taguig City, Philippines
Work Mode: Flexible office & remote
Role: Information Security Officer

Salary: ₱ 40,000 - 50,000

Roles and Responsibilities

Information Security Management

• Implement and manage the organization’s information security system.
• Oversee user access controls, cryptography measures, and physical security of IT assets.
• Monitor security, manage security cases & tickets, and perform security incident analysis.
• Conduct regular security audits, risk assessments, and reviews focused on IT infrastructure and operations.
• Propose and implement strategies to mitigate identified risks.
• Analyze a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools).

Security Management

• Collaborate with ICT and business teams to integrate security into workflows and processes
• Participate in the design, implementation, and administration of security tools to reduce risk.

Incident Response and Management

• Handle and investigate security incidents across endpoints, servers, and networks.

· Drive remediation efforts and continuous improvement based on incident analysis

· Monitor security advisories (e.g., CERT) and apply relevant actions.

Compliance and Policy Management

• Integrate and manage information security within daily operations.
• Maintain compliance with technical certifications.
• Regularly review and update policies as needed.
• Collect evidence and artifacts to meet compliance requirements (ISO:27001, PCI DSS, etc.).

Threat and Vulnerability Management

• Identify potential threats and vulnerabilities.
• Implement measures to manage and mitigate these threats and vulnerabilities.
• Ability to run scanner tools such as OpenVAS is beneficial.

Data & Infrastructure Security

· Ensure secure configuration of IT infrastructure and data protection measures

· Support protection of sensitive and regulated data (including PCI DSS scope where applicable)

Audit Management

• Prepare for and manage internal and external audits.
• Ensure all necessary documentation is in order and readily available for audits.

Qualifications & Skills

• Bachelor’s degree in IT, Computer Science, or a related field
• 4 - 5 years of experience in information security management, or any cybersecurity related field.
• Strong working knowledge of ISO 27001 (mandatory)
• Security Certifications such as CompTIA Security + etc. and /or experience with PCI DSS / NIST is advantageous.
• Familiarity with Microsoft environment such as Azure Entra, Intune Policies is advantageous.
• Ability to work well in a team and collaborate effectively with colleagues at all levels.
  
  

Ready to make an impact? Apply now and let's secure the future together!