Job Description

Reducing risk through governance and education:

• Responsible for being the Subject Matter Expert (SME) for Information Security Incident Response Actions, ensuring incidents are properly triaged, addressed, tracked, and closed.
• Create Incident Response Playbooks and help in developing Standard Operating Procedures (SOP).
• Responsible for performing internal and external security assessments/testing to validate the effectiveness of current security infrastructure using commonly available security assessment tools and make recommendations to remediate identified risks or vulnerabilities.
• Responsible for review and audit of assets such as VPN, Firewall, & IDS/IPS Configuration & Management.
• Responsible for assisting in the development of appropriate security related policies, procedures, guidelines, standards, benchmarks/metrics and/or processes for network infrastructure, servers, firewalls, intrusion detection/prevention (IDS/IPS) appliances and software.
• Responsible for monitoring, management and review of network security components and event management applications, as well as the ability to make prudent recommendations for improving overall network security.
• Responsible for assisting in various projects to ensure corporate governance of security and compliance with applicable regulations.
• Generates Information Security metrics and reports for executive leadership
• Liaisons with Legal for vendor management, e-discovery, and basic forensics
• Directs Security Awareness Training for employees
• Develops policy documentation

Qualification

• Acts responsibly with sensitive and confidential information
• Is creative and resourceful as a problem solver
• Consistently demonstrates the drive to deliver successfully even under difficult timelines
• Has strong analytical, methodical, investigative and auditing skills
• Knows when to make practical rational decisions that reduce risk to JobTarget information and Information systems
• Good written and verbal communications skills
• Good technical writing skills
• A critical logical thinker who is efficient and methodical

TECHNICAL SKILLSGood understanding of the following:

• Background in a security governance model such as NIST, ISO, PCI, or HIPPA.
• Experience in developing cybersecurity policies and procedures
• Familiarity with risk management frameworks.
• Familiarity with Asset Management
• Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.
• Familiarity with access control management and strategies
• Able to manage vulnerability remediation through use of mitigation strategies
• Familiarity with security control assessments and procedures
• Ability to perform audits of systems, software, and security controls
• Familiarity with administering a corporate security awareness training program
• Experience with vetting vendors and vendor management
• Familiarity with legal and regulatory compliance requirements.
• HIDS/NIDS
• Network Monitoring Tools
• Case Management System
• Web Security Gateway
• Email Security
• Data Loss Prevention
• Network Access Control
• Encryption
• Vulnerability Identification

Job Types: Full-time, Fresh graduateSalary: Php60,000.00 - Php80,000.00 per monthBenefits:

• Paid training

Schedule:

• 8 hour shift

Supplemental Pay:

• 13th month salary

Education:

• Bachelor's (Preferred)

Experience:

• NIST, ISO, PCI, or HIPPA.: 1 year (Preferred)
• auditing systems, applications, networks for security risks: 2 years (Preferred)