Information Security Specialist
- 1 opening
- Preferred Educational Attainment
- Graduated from college
- a month ago
- Application deadline
- in a month
- Recruiter responds
- 0% of the time
- Recruiter last seen
- 2 days ago
- Staffing / Recruiting
- Employment Type
- Full time
- Office Address
- Paseo de Roxas, Makati, Philippines
Feel secure when applying: look for the verified icon and always do your research on a company. Avoid and report situations when employers require payment or work without compensation as part of their application process.
Bachelor’s Degree in IT, Information Systems or Computer Engineering.
Preferably with security license/certifications (i.e. CISSP, CISM) or equivalent.
inimum of 5-years in the field of information security. With solid foundation and experience of security management principles, practices and concepts.
With a good understanding of the insurance industry in general and its key business processes.
- With experience in ISMS implementation, certification audit and documentation
- In-depth knowledge of ISMS ISO 27001, COBIT and NIST (but not limited), guiding the development of InfoSec policy/standards/controls
- Experience in security policy development & full-cycle management
- Clear and effective writing ability to develop policies, security analysis reports, training materials and other relevant documents
- With strong presentation skills and experience in conducting security trainings
- Can communicate clearly the knowledge agenda and has good listening skills
- Analytical and sensitive to organizational opportunities and obstacles
- Demonstrated leadership ability to direct and motivate others
- Excellent interpersonal skills and a team player
- Develop and maintain corporate information security policies and its supporting documents such as security standards, procedures, and guidelines.
- Monitor policy effectiveness and report noncompliance for appropriate and timely action.
- Responsible for managing context and scope of the ISMS (Information Security Management Systems), including maintenance, extension, and optimization of the ISMS.
- Ensure that risk assessment is carried out frequently and that good risk management processes aligned to ISMS are placed in critical areas of relevant departments, processes, IT systems and infrastructures
- Develop and lead the information security awareness training programs at different levels of the organization – business unit audiences, IT technical personnel, and even third parties.
- Coordinate internal and external audits and compliance activities, and submit reports and action plans to address audit findings.
- Perform security assessments to ensure compliance with contractual and regulatory and legislative requirements
- Manage or participate in other security projects as needed