Head of VAPT

SM Investments | Pasay City | On-site

At SM Investments, we shape sustainable growth stories that uplift industries and communities. Join one of the Philippines leading conglomerates and help safeguard a dynamic ecosystem of retail, banking, and property businesses.

About the Role

We're looking for a highly motivated Cyber Security Vulnerability Specialist who will lead vulnerability management and remediation efforts across our organization. You will drive assessments, automation, threat monitoring, and risk analysis to ensure a secure and compliant environment.

What You'll Do:

Vulnerability & Compliance Management

• Lead daily infrastructure and application vulnerability scanning and onboarding
• Analyze scan results, prepare reports, and coordinate timely remediation
• Conduct policy compliance scans and maintain updated security records

Automation & Feasibility

• Identify opportunities to automate security processes
• Develop and improve automation initiatives
• Perform feasibility studies for new security measures

Threat Monitoring & Risk Assessment

• Track daily threat intel, bulletins, and industry trends
• Handle risk assessments for new apps, architectures, and exemption requests (WAF, Snyk, whitelisting, etc.)
• Provide recommendations to mitigate identified risks

Periodic Security Operations

• Manage policy configuration, onboarding, firewall rule reviews, and password audits
• Coordinate remediation activities across teams

What We're Looking For

• Bachelor's degree in Computer Science, Information Security, or related field
• At least 5 years of relevant experience
• Strong understanding of security principles, vulnerability management, and risk analysis
• Familiarity with VA tools, threat intelligence, and automation
• Excellent communication, analytical, and problem-solving skills
• Development experience is an advantage
• Security certifications (CISSP, CISM, CEH) are a plus

Why Join Us

Be part of a team that protects the digital backbone of one of the country's largest and most influential conglomerates. If you're passionate about security, continuous improvement, and high-impact work — we'd love to meet you.