Cybersecurity Engineer (SO2)

IT And Software Development National Capital Region Pasig City, National Capital Region


Key Responsibilities

  • Overseeing and driving implementation of IT security initiatives aligned to the roadmap
  • Implementing security controls in cloud environments, including AWS Cloud, Microsoft Azure Sentinel, Splunk, VPNs, WAF’s, SSO and endpoint security
  • Implementing and managing cloud compliance tools within AWS and Microsoft Azure.
  • Developing SIEM tools, logging and incident management processes and using the knowledge to ensure Open Pay’s environment is adequately monitored and protected
  • Developing vulnerability management plan, conducting periodic vulnerability assessment and
    performing risk analysis and remediation of identified vulnerabilities
  • Design solutions using existing toolsets to defend against hacking, malware and ransomware, cybercrime, and insider threats
  • Working with application developers on secure coding practices and risk remediation of
    application vulnerabilities
  • Facilitating penetration testing with external providers and coordinate risk remediation
  • Investigating and analysing security breaches, conduct post-incident review of security incidents
    in consultation with various stakeholder groups and external providers.
  • Support the Information Security Manager in driving the End User Security Awareness Program
  • Support the Information Security Manager in initiatives relating to SOC2 compliance and PCI DSS Compliance

Skills and Competencies:

  • Demonstrated experience implementing security processes and delivering projects (> 5 years)
  • Demonstrated experience working in the Cloud Security space, including AWS Cloud, Microsoft Azure Sentinel, Applications Security, Splunk, VPNs, WAF’s and endpoint security.
  • Knowledge of security frameworks and standards such as PCI-DSS and NIST are desirable
  • Strong understanding of the OWASP, cryptography, access control methodologies for network, servers and applications and secure coding practices
  • Proven skills in threat analysis, threat modelling, and threat prevention
  • Aptitude to learn about the environment and identify quick wins towards risk reduction
  • Bachelor’s degree in networking or computer science
  • Industry certifications related to security such as CISSP, Comp TIA Security+ etc. will be highly regarded,