This is a remote
About the Client:
Started in 2013 by CEO Carmen Booth and Managing Director Jamie Booth with a vision to provide businesses from all around the world with their own full-time, first-rate offshore team in the
Our smart tailored outsourcing and HR solutions deliver high-quality results with reduced operating costs for companies of all sizes across a wide range of
Job Summary:
The Information Security and Compliance Officer is responsible for implementing software and security measures to protect systems and infrastructure from cyber threats and network intrusions, including bugs, malware, and hacking He/she is also in charge of maintaining and developing policies, standards, procedures, controls, and guidelines to support IT security, compliance, and audit requirements for both Booth and Partners and ARCH
The main goal of Information Security and Compliance Officer I is to ensure company s IT security - by enforcing policies, responding to threats, risk reduction, managing applications and infrastructure s security, keeping up with the latest trends and threats, and keeping the organization s compliance with supervisory
Responsibilities:
Main Tasks :
- Sensitivity to threats, suspicious activities, and risks - proactively providing recommendations and reacting swiftly toward mitigation and resolution
- Organizational awareness - works closely with the leadership team on identifying and alarming possible fraud activities
- Prioritizing clients and stakeholders by ensuring secure access to infrastructure while also not compromising reasonable ease of access and operation
- Conduct data to analysis reduce the risks associated with security breaches and to mitigate threats before they can be exploited
- Researching and reviewing the latest security trends and emerging threats and implementing necessary preventive measures to avoid these threats
- Sourcing and implementing new security solutions to better protect the company, its data and IT infrastructure
- In charge of developing, reviewing, and updating information security and privacy policies
- Manages firewall and other network security devices to protect the company s network from external threats
- Deploys and manages endpoint protection such as Keeping AV definitions Regularly checks and investigates detected infections and potential
- Ensures security policies for all devices are being enforced
- Implement encryption (disk or file level) to applications, website, and systems databases
- Assists in implementing and managing cloud-based URL filtering and application control solutions
- Defines resources, control structures, and access privileges to protect the
- Spearhead Security Incident Response and Disaster Recovery Plans testing and evaluations
- Enforces the use of secure erasure solutions such as NIST and SOC 2 compliant software to wipe data based on the data retention and deletion policies
- Conducts regular security audits on network appliances, web servers, applications, and business tools, considering existing organization compliances
- Performs or assists in conducting penetration testings
- Ensure the data protection, risk management, vulnerability assessments, and compliance testing programs are being implemented
- Perform compliance activities in relation to PCI, HIPAA, GDPR, NPC, ISO,
- Perform data privacy impact assessments
- Developing and coordinating a thorough security strategy to Network Engineers for the company s network infrastructure
- Assists in evaluating vendor systems, applications, and services prior to acquisition in terms of data security requirements
- Assists in evaluating new updates and patches on systems and services prior to deployment or installation
- Complete daily operational tasks within the predefined
- Provides regular and timely Security and Compliances report and
Secondary Tasks:
- Manage and maintain CCTV, biometrics, and RFID systems
- Work closely with Facilities in office security management
- Ensure daily operations and troubleshooting documentation are relevant and up to Identifies gaps and improvements in processes and
- Assists on monitoring IT systems and applications, especially for potential threats and
- Assists in coordination with Vendors, Service Providers, and
- Performs ad-hoc responsibilities/assignments from time to
- Work closely with TQA and HR team for the annual security training of employees
Requirements
- Bachelor s degree in Computer Science, Information Technology, or equivalent education
- Minimum of 2 years relevant experience
- Knowledge of computer networking concepts and protocols and network security methodologies
- Excellent problem-solving and analytical skills
- Ability to educate a non-technical audience about various security measures and IT compliances
- Strong attention to detail with excellent time management and organization skills, independent, excellent interpersonal skills, highly motivated, and able to work under
- Good to intermediate english communications, both written and verbal
- Must be willing to work in Makati City, 24/7 shifting schedule, with minimal coverage during holidays and
- Must be willing to travel to different sites (Makati, BGC, etc)
- Must have Fiber Optic internet with at least 25 Mbps bandwidth
- Must have a backup desktop or laptop with the latest OS
GOOD TO HAVE:
- Experience with the following: Anti-Virus, Firewall management, Encryption, Intrusion detection systems (IDS) and intrusion prevention systems (IPS), Network Forensics
- Experience with vulnerability scanning solutions
- Experience with IT governance, risk, and compliance
- Experience with using and auditing Enterprise and Service Provider platforms and architectures such as Google Workspace, Zoho, Zscaler, Microsoft applications, RingCentral or any similar systems
- Experience in performing security audits
- Having CompTIA Security+, CCNA, CCNP Security, Cisco Certified CyberOps certification or equivalent
- Professional information security certification like CISSP, CISM, or other relevant certification
- Knowledge of risk management processes
Benefits
WHAT WE OFFER:
Great Place to Work-Certified Company
Premium HMO
Holistic employee experience
Work-from-home and hybrid work setup
Rewards and incentives
Monthly engagement activities
Career advancement opportunities
Paid referral program
Bachelor s degree in Computer Science, Information Technology, or equivalent education Minimum of 2 years relevant experience Knowledge of computer networking concepts and protocols and network security methodologies Excellent problem-solving and analytical skills Ability to educate a non-technical audience about various security measures and IT compliances Strong attention to detail with excellent time management and organization skills, independent, excellent interpersonal skills, highly motivated, and able to work under Good to intermediate english communications, both written and verbal Must be willing to work in Makati City, 24/7 shifting schedule, with minimal coverage during holidays and Must be willing to travel to different sites (Makati, BGC, etc) Must have Fiber Optic internet with at least 25 Mbps bandwidth Must have a backup desktop or laptop with the latest OS GOOD TO HAVE: Experience with the following: Anti-Virus, Firewall management, Encryption, Intrusion detection systems (IDS) and intrusion prevention systems (IPS), Network Forensics Experience with vulnerability scanning solutions Experience with IT governance, risk, and compliance Experience with using and auditing Enterprise and Service Provider platforms and architectures such as Google Workspace, Zoho, Zscaler, Microsoft applications, RingCentral or any similar systems Experience in performing security audits Having CompTIA Security+, CCNA, CCNP Security, Cisco Certified CyberOps certification or equivalent Professional information security certification like CISSP, CISM, or other relevant certification Knowledge of risk management processes