INFORMATION SECURITY SPECIALIST

It is the spirit of Bayanihan that drives us to continue our legacy of excellence and commitment to care. As an organization, we achieve our successes through good, honest, and persevering hard work - TOGETHER. It is in this way in which our company was built; we progressed as the country's leading Pharmaceutical company, not by sheer luck, but by pure perseverance, integrity, and brotherhood. Grow with us, and be a part of the Bayanihan spirit.

Role Overview:

• Pushes for vendor’s compliance with the company’s information security and data privacy policies by performing contract reviews and onsite audit
• Develops consultative relationships with different departments to educate them about risk management and/or implement risk management best practices to prevent or mitigate loss related to data leakage
• Ensures that all committed resolutions of different divisions are monitored, reported and resolved on time
• Leads and conducts security awareness programs and deliver it across the enterprise
• Establishes mandatory policies, minimum standards and/or written guidance related to information security and data privacy best practices.
• Governs projects in order to minimize compliance risks that often results from project plans that does not adhere to a proper security risk assessment. This includes analyzing the business and IT specifications in order to prescribe the appropriate information security controls. 
• Represents Information Security in discussions with different stakeholders and extend assistance to educate relevant users on how to comply to the different information security and data privacy policies of the company
• Acts as the project manager for initiatives owned by the Information Security division
• Works with IT and all relevant business stakeholders in addressing security incidents, breaches and different cyber threats reported by the security operations team

Required Qualifications:

• Graduate of Computer Engineering, Computer Science, Information Technology or other relevant science, technical and engineering courses 
• With at least 2 years of information security / data privacy practice
• Can easily transition to a fast-paced environment and familiarize himself on business matters that can affect the security posture of the company
• Can communicate, present, and negotiate effectively, with strong command of the English language, both written and oral
• Has a keen eye on details with strong planning and analytical skills
• Knowledgeable in securing Network, Identity Access, Cloud systems, Endpoint devices, web and mobile applications
• Familiarity with security frameworks and privacy regulations (e.g. NIST Cybersecurity framework, CIS-CSC, ISO27001, Data Privacy Act) and risk management methodologies
• Relevant experience in Identity Access Management and Information Security Incident Response handling is a plus.
• Experience in designing and securing cloud platforms hosted in Amazon, Azure and Google

We are committed to providing our employees with the best possible experience. As a LEARNING ORGANIZATION, we are eager to support your development and create the most fitting career path for you. As DESIGNERS AND DRIVERS OF INNOVATION, we are keen to provide you with opportunities to positively transform processes that will intensify business growth. As a NURTURING FAMILY, we are passionate about conducting programs that can promote your wellness, and help you be the best that you can be. As BELIEVERS OF OUR PURPOSE, we are and we will always remain earnest in giving meaningful tasks that will keep you delighted and fulfilled - at work and beyond.