Information Security Officer [Philippines]

 

Job Description

This is a remote position.

About the Client:

Started in 2013 by CEO Carmen Booth and Managing Director Jamie Booth with a vision to provide businesses from all around the world with their own full-time, first-rate offshore team in the Philippines.

Our smart tailored outsourcing and HR solutions deliver high-quality results with reduced operating costs for companies of all sizes across a wide range of industries.

Job Summary:

The Information Security Officer is responsible for implementing software and security measures to protect systems and infrastructure from cyber threats and network intrusions, including bugs, malware, and hacking attempts for both Booth and Partners and ARCH Offices.

The main goal of Information Security Officer I is to ensure the company’s IT security - by enforcing policies, responding to threats, risk reduction, managing applications, and infrastructure security, and keeping up with the latest trends and threats.

Responsibilities:

• Sensitivity to threats, suspicious activities, and risks - proactively providing recommendations and reacting swiftly toward mitigation and resolution
  
• Organizational awareness - works closely with the leadership team on identifying and alarming possible fraud activities
  
• Prioritizing clients and stakeholders by ensuring secure access to infrastructure while also not compromising reasonable ease of access and operation
  
• Conduct data analysis to reduce the risks associated with security breaches and to mitigate threats before they can be exploited
  
• Researching and reviewing the latest security trends and emerging threats and implementing necessary preventive measures to avoid these threats
  
• Sourcing and implementing new security solutions to better protect the company, its data, and IT infrastructure
  
• Manages firewall and other network security devices to protect the company’s network from external threats
  
• Deploys and manages endpoint protection such as antivirus. Keeping AV definitions up-to-date. Regularly checks and investigates detected infections and potential threats.
  
• Ensures security policies for all devices are being enforced
  
• Implement encryption (disk or file level) to applications, websites, and systems databases
  
• Assists in implementing and managing cloud-based URL filtering and application control solutions
  
• Defines resources, control structures, and access privileges to protect the system.
  
• Spearhead Security Incident Response and Disaster Recovery Plans testing and evaluations
  
• Enforces the use of secure erasure solutions such as NIST and SOC 2-compliant software to wipe data
  
• Conducts regular security audits on network appliances, web servers, applications, and business tools, considering existing organization compliances
  
• Performs or assists in conducting penetration testings
  
• Developing and coordinating a thorough security strategy for Network Engineer for the company’s network infrastructure
  
• Assists in evaluating new updates and patches on systems and services prior to deployment or installation
  
• Assists in data privacy impact assessments
  
• Complete daily operational tasks within the predefined SLA.
  
• Provides regular and timely IT Security reports and statuses.

Secondary Tasks:

• Manage and maintain CCTV, biometrics, and RFID systems
  
• Work closely with Facilities in office security management
  
• Ensure daily operations and troubleshooting documentation are relevant and up to date. Identifies gaps and improvements in processes and protocols.
  
• Assists in monitoring IT systems and applications, especially for potential threats and
  
• vulnerabilities.
  
• Assists in evaluating vendor systems, applications, and services prior to acquisition in terms of data security requirements
  
• Performs ad-hoc responsibilities/assignments from time to time.
  
• Work closely with TQA and HR team for the annual security training of employees

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or equivalent education
  
• Minimum of 2 years relevant experience
  
• Knowledge of computer networking concepts and protocols and network security methodologies
  
• Excellent problem-solving and analytical skills
  
• Ability to educate a non-technical audience about various IT security measures and awareness programs
  
• Strong attention to detail with excellent time management and organization skills, independent, excellent interpersonal skills, highly motivated, and able to work under pressure.
  
• Good to intermediate english communications, both written and verbal
  
• Hybrid setup - willing to report to the office (Makati and/or BGC) at least once a week or whenever needed, 24/7 shifting schedule, with minimal coverage during holidays and weekends.
  
• Must have Fiber Optic internet with at least 25 Mbps bandwidth
  
• Must have a backup desktop or laptop with the latest OS

GOOD TO HAVE:

• Experience with the following: Anti-Virus, Firewall management, Encryption,
  
• Intrusion detection systems (IDS) and intrusion prevention systems (IPS), Network Forensics
  
• Experience with vulnerability scanning solutions
  
• Experience in using and protecting Enterprise and Service Provider platforms and architectures such as Google Workspace, Zoho, Zscaler, Microsoft applications,
  
• RingCentral or any similar systems
  
• Experience in performing security audits
  
• Having CompTIA Security+, CCNA, CCNP Security, Cisco Certified CyberOps certification, or equivalent

Benefits

WHAT WE OFFER:

✔ Great Place to Work-Certified Company

✔ Premium HMO

✔ Holistic employee experience

✔ Work-from-home and hybrid work setup

✔ Rewards and incentives

✔ Monthly engagement activities

✔ Career advancement opportunities

✔ Paid referral program

Work Experience

1-3 years

 

.