Manager, Information Security

apartmentQuantrics placeTaytay scheduleFull-time calendar_month 

Position Overview:

As an Information Security Manager, you will develop your skills in a supportive environment while managing and enhancing the organization’s security maturity and posture.

You will have the opportunity to:

  • Create and enforce security policies, protocols, and procedures tailored to the organization's needs.
  • Identify, assess, and mitigate security risks to protect the company from threats such as cyberattacks, data breaches, and insider threats.
  • Regularly conduct security assessments, monitor systems for vulnerabilities, and ensure the application of effective security controls.
  • Lead or participate in the response to security incidents, including investigating breaches, coordinating with response teams, and implementing corrective actions to prevent recurrence.
  • Organize and facilitate security training programs for employees in collaboration with the HR Learning and Development team.
  • Prepare for and conduct internal and external audits, including evidence collection, documentation, and remediation of findings.
  • Collaborate closely with IT, HR, physical security, and other departments to ensure cohesive security practices and compliance across the organization.
  • Evaluate third-party vendors to ensure they adhere to the organization’s security requirements.

You will be an ideal candidate if you have:

  • Education: Bachelor’s degree in Information Security, IT, Computer Science, or another relevant discipline; degrees in other fields with relevant experience, background, and a comparable profile.
  • Experience: Minimum of 3-5 years of experience in information security, information assurance, security compliance project management, IT/systems audit, risk management, or related areas.
  • Technical Knowledge: Solid understanding of information security principles, risk management, threat analysis, security architecture, data protection, identity and access management, compliance standards, incident response, vulnerability management, secure software development concepts, and the anatomy of hacking and intrusion attacks.
  • Knowledge of Security Operations: Familiarity with cybersecurity monitoring, developing, implementing, and reviewing security controls, knowledge of Active Directory, O365, cloud platforms, networking and programming concepts. Previous experience with security technologies (e.g. firewalls, VPN, IDS/IPS, antivirus/EDR, access management) is desirable.
  • Understanding of Compliance Requirements: Knowledge of regulatory requirements and standards (e.g., Data Privacy Act 2012, GDPR, PCI-DSS, SOC 2, ISMS ISO 27001, NIST CSF).
  • Certifications: There is no substitute for experience. Certifications are desirable but not required — entry-level (e.g., CompTIA Security+, SANS GSEC, ISACA Cybersecurity Fundamentals, ISC2 Certified in Cybersecurity (CC) and advanced (e.g., CISSP, CISM, CEH).

Soft Skills:

  • Problem-Solving Abilities: Strong analytical and critical thinking skills to identify security risks and develop effective mitigation strategies.
  • Attention to Detail: Meticulous in enhancing security processes, spotting anomalies, conducting investigations, and maintaining accurate security documentation.
  • Communication Skills: Excellent written and verbal communication skills, with the ability to develop security policies, documentation, and awareness programs, and effectively convey security concepts to both technical and non-technical audiences.
  • Adaptability and Resilience: Ability to remain calm and focused under pressure, such as during security incidents.
  • Customer Focus: Understanding of balancing security needs with business objectives.
  • Project Management: Experience managing security projects, such as achieving security certifications, coordinating training programs, collaborating with outsourced security operations (SOC), and enhancing security documentation and its lifecycle.
  • Team Leadership: Ability to build, lead, and motivate high-performing teams, foster collaboration, effectively delegate, resolve conflicts, and drive continuous improvement.
  • Continuous Learning: Passion for learning and staying updated on security trends, threats, tools, and best practices.
Reporting to : Director, Information Security and Corporate Resilience

Reporting to : Taytay, Rizal with possibility to travel in Naga and San Mateo

If this role sounds interesting to you, please click apply. We’d love to hear from you!

placeMakati, 12 km from Taytay
compliance mechanisms are maintained.  •  Establish and enforce policies and procedures to protect sensitive data, ensuring compliance with legal, regulatory, and contractual obligations.  •  Maintain and enhance the organization's information security...
apartmentTeleperformanceplaceMakati, 12 km from Taytay
or a related discipline, or the equivalent combination of education, technical training or work/military experience. � 5+ years of Information Security/Risk Management experience � Intermediate understand of OSI model � Application, System and Network...
apartmentOptum Global SolutionsplaceQuezon City, 13 km from Taytay
as appropriate Maintain current knowledge on information security topics and their applicability program requirements Communicate professionally with stakeholders/end users through multiple communication Job Requirements Bachelor's degree or higher level...