IT and Application Security Manager

JOB SUMMARY:

Responsibilities include implementing security controls, conducting risk assessments, overseeing vulnerability management, and working closely with Engineering and IT teams to prevent, detect, and respond to security threats.

• Establish and implement security policies, standards, and procedures across IT systems and software platforms.
• Manage identity and access controls, including enforcement of least privilege, multi-factor authentication (MFA), and periodic access reviews.
• Oversee security of enterprise workspace tools (e.g., SSO, session management, account security configurations).
• Secure internal platforms and data access systems by enforcing proper configurations, access restrictions, and monitoring controls.
• Drive vulnerability management initiatives, including regular security scans, risk assessments, and tracking remediation of identified issues.
• Collaborate with Engineering teams to implement secure development practices, including code security scans and DevSecOps integration.
• Monitor system and data access activity, define alerting rules, and respond to suspicious or anomalous behavior.
• Lead and coordinate security incident response activities, including investigation, containment, and post-incident reviews.
• Manage third-party security engagements (e.g., VAPT) and ensure timely closure of findings.
• Implement and enforce data protection controls, particularly for sensitive and personal data (PII).
• Conduct regular audits of systems, user access, and configurations to identify and address security gaps.
• Provide regular reporting to leadership on security posture, risks, and remediation progress.

• Bachelor’s degree in Computer Science, Information Technology, Engineering, or a related field, or equivalent work experience
• At least 6–8 years of experience in cybersecurity, IT security, or application security roles
• Experience working in environments covering both infrastructure and software/application security
• Experience handling or supporting security incidents and remediation efforts
• Ecommerce or data-heavy platform experience is a plus

Technical Skills:

• Strong understanding of identity and access management (IAM), including SSO, MFA, and role-based access controls
• Solid knowledge of account, network (including VPNs, firewalls, and access restrictions), web and application security principles (e.g., OWASP Top 10)
• Experience with vulnerability management tools and practices (e.g., VAPT, security scanning tools)
• Familiarity with securing cloud and SaaS platforms (e.g., enterprise workspace tools, data platforms)
• Experience implementing or supporting DevSecOps practices, including code scanning and secure deployment pipelines
• Understanding of data security principles, including data classification, PII protection, and access restrictions
• Experience with logging, monitoring, and alerting tools for detecting anomalous system or user activity

Soft Skills:

• Strong analytical and problem-solving skills to identify risks and recommend effective security controls
• Ability to balance security requirements with business and operational needs
• Excellent communication skills to clearly articulate risks, controls, and recommendations to both technical and non-technical stakeholders
• Ability to work cross-functionally with Engineering, Product, and IT teams
• High level of accountability and ownership in managing security risks and initiatives
• Strong attention to detail in reviewing configurations, access controls, and system behaviors
• Ability to prioritize tasks and manage multiple security initiatives simultaneously
• Adaptability to evolving threats, technologies, and organizational needs
• Critical thinking and risk-based decision making in evaluating security posture and trade-offs
• Commitment to continuous learning and staying updated with security trends, threats, and best practices

Work Arrangement:

This role follows a hybrid work model, requiring two (2) days onsite at our Aseana City, Parañaque office and allowing three (3) days work from home each week

About Us:

SnapMart is the Philippines’ fastest growing and leading online grocery platform, offering end-to-end eCommerce tailored solutions for its partners (https://landers.ph) to provide our customers with an unparalleled selection of fresh food, household essentials delivered to your door in the 2h delivery window of your choice.

Our Landers Superstore app is now available for download on the App Store and Google Play! Download and order now!

We are looking for superstars to join now our customer-employee-technology and data-driven family!