Jr Infosec Officer
Jr Infosec Officer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
The Information Security Officer will plan implement upgrade and monitor security protocols for the protection of the TSAs computer networks and information.
The Information Security Officer will foster collaboration between IT and business units ensuring compliance in Technology programs and projects and working closely with Internal and External Audit teams throughout the process. They will also manage the process of gathering analysing and assessing information security and privacy threats while maintaining and monitoring evolving security best practices.
Information Security Officer will be responsible for overseeing information security cybersecurity and IT risk management programs based on industryaccepted information security and risk management frameworks. This individual will be an integral part of the Information Technology organisation reporting directly to the VP of Engineering to help improve and communicate the maturity levels of information security state of cybersecurity and IT risk practices across TSA.
Responsibilities
- Document controller
Collate and organise documents related to compliance against international standards and regulatory requirements
Engage with ISMS stakeholders and other business unit heads and representatives in collecting pertinent documents
Manage documents and track versions changes and revisions according to emerging trends regulatory and industry standard requirements - Compliance management
Work with the information security team in performing gap analysis policy and procedure development
Review and assess compliance of initiatives against adopted standards of the organisation (ISO 27001:2022 PCI DSS etc.)
Review and assess compliance requirements against regulations of Office of the Australian Information Commissioner (OAIC) National Privacy Commission (NPC) for the Philippines and Office of the Privacy Commissioner (OPC) for New Zealand.
Review and assess compliance requirements against other pertinent regulations such as GDPR and other similar privacy and security regulations and international standards such as CIS Controls NIST CSF 2.0 NIST RMF and other similar standards. - Governance and risk management
Assist the information security team in engaging with ISMS stakeholders of the TSA security governance program initiatives and requirements.
Assist the information security team in thirdparty risk management and other pertinent process and procedures related to managing security risks over vendors and thirdparty service providers.
Perform risk assessments and risk reviews pertinent to the ISMS according to ISO 27001 PCI DSS and other relevant security and privacy standards.
Provide security awareness to all employees by means of presentations communications and other methodologies adopted by TSA and provide recommendations for strengthening and ensuring delivery of the security awareness campaign. - Security Incident management
Work with the information security team in reviewing revising and developing incident response plan and playbook
Regularly perform preparations and capability assessments and testing of incident response of TSA
Collaborate with information security team and IT specialists and engineers in determining areas for improvement with regards to incident response handling - Cyber threat intelligence and vulnerability management
Perform threat intelligence through OSINT and other opensource methodologies
Assist the information security team in preparation and planning VAPT and red teaming activities
Develop collate and manage related documents in threat and vulnerability management.
Qualifications :
Essential:
- BS IT IS Comsci or other related tech or security courses or equivalent trainings and experience.
- Must have at least 3 years of experience as a SOC analyst security analyst GRC analyst IT audit or similar experience.
- Desired certifications or certificate (Certificate of course completion are considered):
CompTIA Security
CCNA Security
ISO 27001 LI / LA
ISC2 CC or SSCP
ISACA CSXP CCOA
Higher certifications will be greatly considered but not necessarily required (CISSP or associate of ISC2 CISA CISM GCIH or similar) - Desired skills and knowledge:
Security risk management
Project management
IT or IS auditing
Incident response
ISO 27001 foundation implementation and/or auditing
Threat intelligence and/or knowledge in threat hunting and threat modelling
Familiar with security and network tools such as CrowdStrike.
Additional Information :
At TSA the health safety and wellbeing of our team is our number one priority! In response to the COVID19 pandemic we have introduced a number of robust practices to keep our team safe such as; physical distancing measures control measures for our visitors temperature testing isolation requirements where applicable and so much more.
We take our responsibility to protect the health and wellbeing of our team and our community very seriously.
IMPORTANT: The InterAgency Task Force for the Management of Emerging Infectious Diseases (IATF) issued Resolution No. 148B which states that effective December 1 2021 all employees reporting onsite must be vaccinated against COVID19. If you have questions regarding this guideline please make sure to discuss this with our Recruitment Team during job offer.
Like & Share the TSA FB Page and be up to date with TSA News!
Facebook PH
Check out our social media pages:
TSA Website
Philippines Office address:
14F Five Ecom Center Harbor Drive Mall of Asia Business Complex Pasay City Metro Manila Philippines 1300
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
