Makati City Jobs Information Security Manager Position at Punongbayan & Araullo
- Job vacancies posted on: 9 months ago
Translate
Do you currently live in the Makati City and its surrounding areas and are looking for job vacancies? We are pleased to inform you that our company office, Punongbayan & Araullo is currently seeking candidates to then join and fill the position as Information Security Manager and able to work under full time working hours system.
We are a competent professional company, therefore we have specific criteria for the interested candidates. We give priority to candidates who are experienced in the field of Computer/Information Technology & IT-Software with a minimum Bachelor's Degree. In addition, we also prioritize candidates who are professional at work, uphold honesty, discipline in responsibility, and are capable to complete their task as well as possible.
We are offering a salary of ₱16,000 - ₱38,000 for this position for interested candidates. However, this salary range can be negotiated and changed if the candidate's credibility exceeds our expectations and for sure, the agreement is adjusted to the policies of our company's HRD. Your capability will be highly appreciated by our company.
Job Info
| Company | Punongbayan & Araullo |
| Position | Information Security Manager |
| Region | Makati City |
| Career Level | Assistant Manager/Manager |
| Work Experience | 4 years |
| Qualification | Bachelor's/College Degree |
| Type of Work | Full-Time |
| Minimum Salary | PHP 16.000 |
| Maximum Salary | PHP 38.000 |
The Information Security Manager is responsible for ensuring that information security and IT-related risks are controlled within acceptable levels in the organization. This position also ensures monitoring of information security systems, policy development, IT risk management, implementation and enforcement of security controls along with ongoing research on the latest and best practices in IT Security and Controls.
PRIMARY DUTIES & RESPONSIBILITIES
A. Work Complexity
- Develops and manages security for multiple IT functional areas (e.g. applications, systems, network and/or Web across the enterprise.
- Develops security solutions for critical and/or highly complex assignments.
- Participate in Security Planning and analyst activities.
- Provides objective evaluations of security controls, mechanisms and goals in comparison to best practices.
- Develops, refines and implements enterprise-wide security policies, procedures, and standard across multiple platform and application environments to meet compliance responsibilities.
- Ensures policies, procedures, standards and system configuration are documented and tracked.
- Recommends, manages, and implement required changes to IT risk and security policies and procedures.
- Monitors compliance with security policies, standards, guidelines and procedures.
- Develop processes and procedures for the information security governance program, including control document reviews, participant assessments preparation, meeting coordination, assessment finding mediation, assisting control owner with remediation plan development, tracking finding through remediation, progress monitoring, reporting and escalation.
- Assesses client needs against security concern and articulates issues and potential risk to management.
- Work with IT governance to ensure proper risk management and compliance.
- Consult with other groups on potential operational impacts of proposed changes to the security environment.
- Provides security-related guidance on client process.
- Works closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation and mitigating controls.
- Work directly with the other internal departments to facilitate information security risk analysis and risk management processes and to identify acceptable level of residual risk.
- Conduct impact analysis to ensure resources are adequately protected with proper security measures.
- Assesses potential items of risks and opportunities of vulnerability in the network and on information technology infrastructure and applications.
- Review risk assessments analyses and effectiveness of information security control activities, and report on them with actionable recommendation.
- Evaluate security risks and identifies and defines compliance strategies in accordance with policies and standards.
- Provides information security management with risk assessments and security briefings to advise them of critical issues that may affect customer, or information security objectives.
- Communicates with multiple department and level of management in order to resolve technical and procedural information security risks.
- Develops remediation strategies to mitigate risks associated with protection of infrastructure and information assets.
- Captures, maintains, and monitors information security risk in one repository.
B. Information and Data Security
- Assesses threats and vulnerabilities regarding information assets and recommends and appropriate security controls and measures.
- Defines, recommends and manages security controls for information systems.
- Develops and implements strategies to align information security with business objectives and goals, protecting the
- Review and delivers reports, making recommendations as needed.
C. Continuity and Disaster Recovery
- Contributes to designing and implementing the enterprise-wide continuity and disaster recovery management programs, including maturity models, methodologies, souring, strategies, plans, metrics, and scorecards for all components of the program(s)
- Develop risk management procedure, institution continuity scenarios, and contingencies and advises on continuity disaster recovery plans.
- Identifies and makes recommendations regarding critical points of failure.
- Review select changes to ensure they are appropriately assessed, tested, and incorporated in to the larger enterprise plan.
- Ensures continuity and disaster recovery plans are documented and maintained.
- Coordinates, assesses and communicates requirements associated with impact, continuity and recovery.
- Ensure recovery drills are performed.
D. Security Assessments, Monitoring and Reporting
- Consult with clients on security violations
- Act as liaison between internal audit and IT to ensure commitments are met and controls are properly implemented.
- Oversees security incident and response management.
- Report to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
E. IT Operations
- Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and hosts based security systems.
- Defines and validates baseline security configurations for operating systems, application network and telecommunications equipment.
- Interface with third-party vendors to evaluate new security products or as part of a security assessment process.
- Coordinate with vendors to ensure managed services are implemented and maintain appropriately.
- Analyzes security assessments for third-party vendors.
- Makes recommendations to address issues.
- Develops impact analysis.
- Identifies and coordinates resolutions of information security recovery issues.
- Provides responsive support for problems found during normal working hours as well as outside normal working hours.
F. Incident Management
- Assists security operations team in troubleshooting and resolving escalated security
- Identifies and resolves root causes of security related problem and related issues.
- Represent security and IT risks among other company risk department and committees.
G. Information Security Performance Management
- Develops measures to evaluate the information security programs and modifies strategies as appropriate.
- Identifies areas needing improvement and develops recommendations.
- Anticipates and addresses potential issues.
H. Research/Evaluation
- Develops measures to evaluate the information security programs and modifies strategies as appropriate.
- Identifies areas needing improvement and develops recommendations.
- Anticipates and addresses potential issues.
- Leads and review application security risk assessment for new or update internal party applications.
- Serves in an advisory role in application development and infrastructure project to assess security requirements and controls and ensures that security control is implemented as planned.
QUALIFICATIONS
- Bachelor Degree in Information System, Computer Science, Computer Technology or other related field, or equivalent work experience.
- Working knowledge of the following protocols and attributes as they relate to information security: Ethernet, Windows Server Support, Linux Server support, Microsoft Active Directory, VMWare, SAN, RAID, DNS, DHCP, WEP, AntiVirus/AntiMalware, Exchange, KVM, UPS, OSPF, IEGRP, xBGP, HSRP, IPSec, AES, 3DES, SNMP, TCP, RADIUS, SYSLOG, NTP, LAN/WAN, WEP, F5, Cisco Switch, Cisco Router, Cisco ASA Firewall
- Security Certification (s) (i.e. Certified information System Security Professional (CISSP), or Certified Information Security Manage (CISM) a plus
Office/Company Address
| Country | Philippines |
| Region | National Capital Region |
| City | Makati City |
| Address | Punongbayan & Araullo, The Enterprise Center, 19th & 20th Floor, Tower 1, 6766 Ayala Ave, Makati, 1200 Kalakhang Maynila, Filipina |
| Map | Google Map |
Benefit
- Flexible work arrangements
- Extensive training opportunities
- Career development
Apply for Work
Please note that the information contained may change at any time.
Mostly, applying for a job is free of charge, you have to be careful when applying for a job.
Tips from admin. Use polite language and promote yourself as attractively as possible so that the related HRD/Staff is interested in you.
Good luck getting the job you want.
Job Application Instructions
- Go to the "Apply Now" link above
- If you don't have an account yet, please register first, create a profile/upload a resume according to your personal data
- If you have registered, you can immediately log in
- Promote yourself through the tertara job application form
- Done, please wait.
Company Description
P&A is a leading professional services firm with a proven track record of high-quality work. We provide value-added services to local and multinational companies through our client-caring team of audit, tax, and business professionals who use leading-edge systems and technology and are guided by the highest standards of quality, integrity, and competence. P&A is the Philippine member firm within Grant Thornton International Ltd, one of the world's leading organizations of independently owned and managed accounting and consulting firms.
Mission
As a leading professional services firm, we deliver to our clients the highest quality work and value added services responsive to their needs and expectations. We attract, develop and retain high-performance people, and commit to make continuous improvement in all that we do.
Vision
To be the most recognized and preferred auditing, accounting, and advisory services firm in the Philippines by achieving unparalleled growth. Through our thought leadership, we will contribute to the upliftment of the accounting profession and to the enhancement of business practices.
Company Info
- Industry: Accounting / Audit / Tax Services
- Company Size: 1001 - 2000 Employees
- Average Processing Time: 6 days
- Benefits & Others: Dental, Education support, Miscellaneous allowance, Medical, Loans, Parking, Vision, Regular hours, Mondays - Fridays, Business (e.g. Shirts), Wellness program, Professional licenses, Paid leaves, Discretionary bonuses
- Specific Location: The Enterprise Tower
