Information Security Officer
Stradcom Corporation
- Quezon City, PhilippinesEast Avenue , Quezon City, Metro Manila, PhilippinesQuezon CityMetro ManilaPhilippinesPhilippines
- Toàn thời gianFULL_TIME
Miêu Tả Về Công Việc
- Development, implementation and maintenance of Security Programs, Policies and Procedures
- Supports in the development of applicable globally-accepted standards, guidelines and procedures to achieve compliance to security policies and programs
- Contributes in the formulation and enhancement of the corporate Information Security Policy
- Implements and maintains established information security management program of the company
- Maintains reliability and integrity of the IT infrastructure by developing, implementing and exercising:
- Comprehensive Business Continuity Plan (including documentation of detailed procedures) to help the organization achieve recovery capabilities at an alternate site (Disaster Recovery Center)
- Incident Management Process (including documentation of detailed procedures) how to handle security incidents
- Other security programs in pursuit of new regulatory or legal compliance as authorized and approved by the Management
- Development, implementation and maintenance of IT Risk Management Process for IT Infrastructure
- Assists owners/custodians identify, evaluate, assess and secure their information assets
- Assists in determining the security posture of IT systems, applicability and effectiveness of implemented controls
- Generates and submits compliance and security assessment findings, recommendations and reports to the department manager
- Research and development of applicable controls from emerging security trends and technologies
- Selects, evaluates, recommends security controls
- Monitors and generates reports of the security program implementation, business continuity and recovery testing and activities during security assessments
- Development, implementation and maintenance of Procedural and Technical Security Controls
- Implements recommended security controls resulting from the risk assessment
- Monitors and generates reports of system status, performance and security events of implemented security controls
- Resolves issues arising from problems encountered on implemented security controls and/or escalates to third-party technical support
- Monitors and handles security incidents in accordance to established Incident Management Procedure which may involve coordination with other departments and external parties
- Maintains technical security controls managed by the department by conducting regular maintenance activities not limited to backup of systems
- Develops and maintains processes, procedural documents and up-to-date inventory of deployed and implemented security controls
- Observes and facilitates change management process for equipment, facilities, hardware and software utilized in the IT infrastructure
- Extended Delivery of Security Services (Security Education/Awareness Program, Consultancy and others)
- Supports in the development and conduct of approved information security awareness program to all employees and third-party personnel engaged with the company
- Assists in providing technical consulting services in accordance with approved standards to other departments on matters related to information security
- Assists the department in coordination with the Legal Division to achieve regulatory and legal compliance
- Works with internal and external/third-party auditors and consultants
- Coordinates with other Technical teams so that reliable and secure services are provided to internal and external clients
- Supervises the activities of third-party personnel/consultant whenever they are working on-site
- Regularly attends conferences, professional association meetings and technology seminars to remain well-informed with the latest information security technological developments.
- Performs other job-related tasks and projects that may be assigned by his/her superiors from time to time.
Trình độ tối thiểu
- Knowledge of information security management systems and information security governance (information risk management, business continuity and recovery strategies, incident handling concepts), security administration, network systems, operating systems,
- Knowledge in cybersecurity (one example is firewall)
- College graduate of Electronics & Communications Engineering or Information Technology or any related course
- At least 3 years in IT industry and 1 year expereince as Information Security Officer
Tóm tắt công việc
- Trình Độ Công Việc
- Trình độ nhân viên cấp trung bình / cấp quản lý
- Ngành Nghề
- IT and Software
- Yêu cầu học vấn
- Tốt nghiệp Cử nhân
- Nhà tuyển dụng trả lời hồ sơ
- Sometimes
- Địa chỉ văn phòng
- East Avenue
- Ngành nghề
- Information Technology / IT
- Vị trí đang tuyển
- 1 vị trí tuyển dụng mới
Về Stradcom Corporation
Stradcom Corporation is the IT Company behind the computerization of the Land Transportation Office (LTO) of the Philippine government.
Through the LTO-IT Project, Stradcom established a multi-billion peso IT infrastructure by which the LTO has been serving the 85,000 motor vehicle registrants and driver license applicants who come to its 300 nationwide offices daily.
We are thus looking for talented individuals to join us, whether seasoned professionals seeking a change of pace and direction or new graduates wanting to explore frontiers and pursue a fulfilling career.