Information Security Officer [Philippines]

 

Job Description

This is a remote position.

$ads={1}

About the Client:

Started in 2013 by CEO Carmen Booth and Managing Director Jamie Booth with a vision to provide businesses from all around the world with their own full-time, first-rate offshore team in the Philippines.

Our smart tailored outsourcing and HR solutions deliver high-quality results with reduced operating costs for companies of all sizes across a wide range of industries.

Job Summary:

The Information Security Officer is responsible for implementing software and security measures to protect systems and infrastructure from cyber threats and network intrusions, including bugs, malware, and hacking attempts for both Booth and Partners and ARCH Offices.

The main goal of Information Security Officer I is to ensure company’s IT security - by enforcing policies, responding to threats, risk reduction, managing applications and infrastructure’s security, and keeping up with the latest trends and threats.

Responsibilities:

Main Tasks:

• Sensitivity to threats, suspicious activities, and risks - proactively providing recommendations and reacting swiftly towards mitigation and resolution
  
• Organizational awareness - works closely with leadership team on identifying and alarming possible fraud activities
  
• Prioritizing client and stakeholder by ensuring secure access to infrastructure while also not compromising reasonable ease of access and operation
  
• Conduct data analysis reduce the risks associated with security breaches and to mitigate threats before they can be exploited
  
• Researching and reviewing latest security trends and emerging threats and implementing necessary preventive measures to avoid these threats
  
• Sourcing and implementing new security solutions to better protect the company, its data and IT infrastructure
  
• Manages firewall and other network security devices to protect the company’s network from external threats
  
• Deploys and manages endpoint protection such as antivirus. Keeping AV definitions up-to-date. Regularly checks and investigates detected infections and potential threats.
  
• Ensures security policies for all devices are being enforced
  
• Implement encryption (disk or file level) to applications, website, and systems databases
  
• Assists in implementing and managing cloud based URL filtering and application control solutions
  
• Defines resources, control structures, and access privileges to protect the system.
  
• Spearhead Security Incident Response and Disaster Recovery Plans testing and evaluations
  
• Enforces the use of secure erasure solutions such as NIST and SOC 2 compliant software to wipe data
  
• Conducts regular security audits on network appliances, web servers, applications, and business tools, considering existing organization compliances
  
• Performs or assists in conducting penetration testings
  
• Developing and coordinating a thorough security strategy to Network Engineer for the company’s network infrastructure
  
• Assists on evaluating new updates and patches on systems and services prior deployment or installation
  
• Assists in data privacy impact assessments
  
• Complete daily operational tasks within the predefined SLA.
  
• Provides regular and timely IT Security report and status.

Secondary Tasks:

• Manage and maintain CCTV, biometrics, and RFID systems
  
• Work closely with Facilities in office security management
  
• Ensure daily operations and troubleshooting documentations are relevant and up to date. Identifies gaps and improvements in processes and protocols.
  
• Assists on monitoring IT systems and applications especially for potential threats and vulnerabilities.
  
• Assists on evaluating vendor systems, applications, and services prior acquisition in terms of data security requirements
  
• Performs ad-hoc responsibilities/assignments from time to time.
  
• Work closely with TQA and HR team for the annual security trainings of employees

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or equivalent education
  
• Minimum of 2 years relevant experience
  
• Knowledge of computer networking concepts and protocols and network security methodologies
  
• Excellent problem-solving and analytical skills
  
• Ability to educate a non-technical audience about various IT security measures and awareness programs
  
• Strong attention to detail with excellent time management and organization skills, independent, excellent interpersonal skills, highly motivated, and able to work under pressure.
  
• Good to intermediate english communications, both written and verbal
  
• Hybrid setup - willing to report to the office (Makati and/or BGC) at least once a week or whenever needed, 24/7 shifting schedule, with minimal coverage during holidays and weekends.
  
• Must have Fiber Optic internet with at least 25 Mbps bandwidth
  
• Must have a backup desktop or laptop with the latest OS

GOOD TO HAVE

• Experience with the following: Anti-Virus, Firewall management, Encryption, Intrusion detection systems (IDS) and intrusion prevention systems (IPS), Network Forensics
  
• Experience with vulnerability scanning solutions
  
• Experience in using and protecting Enterprise and Service Provider platforms and architectures such as Google Workspace, Zoho, Zscaler, Microsoft applications, RingCentral or any similar systems
  
• Experience in performing security audits
  
• Having CompTIA Security+, CCNA, CCNP Security, Cisco Certified CyberOps certification or equivalent

Benefits

WHAT WE OFFER:

✔ Great Place to Work-Certified Company

✔ Premium HMO

✔ Holistic employee experience

✔ Work-from-home and hybrid work setup

✔ Rewards and incentives

✔ Monthly engagement activities

✔ Career advancement opportunities

✔ Paid referral program

Work Experience

4-5 years

$ads={2}

 

.