Information Technology

Reliance: Information Security Specialist

Mandaluyong, Metro Manila
Work Type: Full Time
Job Overview

This role is responsible for leading the Information Security initiatives of Reliance United. As part of the Information Security department, this role will work closely with technology and data privacy functions to identify areas of improvement and support initiatives to promote information security within the organization.

Duties and Responsibilities

  • Lead information security policy formulation and cascade
  • Lead the working group in handling the information security segment of with internal and external clients (audits calls/meetings, preparation and submission of artifacts)
  • Partner with SMEs on identifying vulnerabilities and risks in network, hardware, and software, and process
  • Provide security guidance or solutions during the development stages of software systems, networks, and data centers in consultation with the ISDP office
  • Providing level 1/standby support for any cybersecurity incident response (CIRT)
  • Lead in security events/incidents analysis and support to include identifying potential threat, anomalies, and infections, documenting findings, providing recommendations within the incident management system
  • Develop infosecurity guidelines based on the principles of zero trust, secure by design and  defense in depth
  • Review and update information security policies and procedures
  • Conducting regular internal audits to ensure compliance with established security measures based on established information security policies.
  • Keep up to date with industry trends as inputs on security technology and process improvements
  • Conducts periodic cybersecurity assessments with various business units
  • Creates periodic cybersecurity report for management’s information
  • Conducts periodic and ad hoc security awareness and trainings, including development of training courses and security awareness materials
  • Ensure compliance with relevant industry standards and regulations (e.g., ISO 27001, SOC 2)

Qualifications

  • Bachelor's degree in Computer Science, Information Technology, or other Engineering Degrees
  • At least 2-3 years of experience in Implementation and configuration information security tools
  • At least 2-3 years of experience in infosecurity policy formulation and implementation
  • Excellent verbal and written communication skills. Strong Technical Writing capability
  • With at least 1 beginner and 1 intermediate certification training: CompTIA Security+, CC, GSEC, SSCP, CEH, CompTIA CASP+, CISSP, CISM, OSCP, etc.
  • Technical knowledge and experience in the following:
    • Cloud, Network, Server and Database Security
    • Application Security
    • Data Loss Prevention (DLP)
    • Endpoint Detection and Protection (EDR)
    • Identity and Access management (IAM)
    • Syslog and SIEM solutions


Submit Your Application

You have successfully applied
  • You have errors in applying