Information Security Engineer

STRATEGIC STAFFING SOLUTIONS (S3)

Position: Senior Information Security Engineer

Work Set-Up: Hybrid (4x per week Onsite)

Office Location: Ayala, Makati

Schedule: TBD

QUALIFICATIONS:

• Graduate of a Bachelor's degree in Information Technology, Computer Science, Computer Engineering, or any related IT or Engineering field

• Strong knowledge of information security architecture, controls, and operational security practices across on premise, cloud, and network environments

• Proven hands-on experience managing security technologies such as firewalls, antivirus, patch management, SIEM/log management, email security, and web security

• Working knowledge of identity and access management, including user provisioning, access controls, and compliance enforcement

• Experience in security incident investigation, root cause analysis, and issue resolution

• Solid understanding of IT security policies, standards, and compliance requirements

• Proven experience in backup, disaster recovery, and business continuity planning

• Ability to review security logs, audit trails, and monitoring data to identify security risks or violations

• Experience coordinating with third party vendors and service providers, ensuring SLA adherence

• Strong people leadership skills, including coaching, mentoring, and guiding technical teams

• Ability to manage escalations, make sound decisions under pressure, and provide temporary controls during incidents

• Strong communication skills, with the ability to explain security risks and incidents to both technical teams and management

• Customer- and service-oriented mindset in dealing with internal and external stakeholders

• Strong problem solving, ownership, and accountability

• Ability to drive policy compliance and continuous improvement across teams

• Experience working in a shared services or centralized IT operations environment is an advantage

• Experience supporting the energy generation, utilities, or industrial sector is an advantage.

• Knowledge or exposure to SCADA, OT systems, or IoT environments is a plus.

• Exposure to cloud security in large enterprise or hybrid environments

Team Activities/Deliverables:

• Design, implementation, and continuous improvement of IT Security Architecture

• Enforcement and regular review of IT security policies, standards, and procedures

• Oversight function of managed security operation center in charge of cybersecurity monitoring, threat detection, and response.

• Provide risk assessment and design assessment of infrastructure in accordance to secure by design concept

• Daily administration and monitoring of security tools and platforms

• Coordination and resolution of security incidents and infrastructure issues

• User access management and review of system privileges

• Monitoring and application of security patches and updates

• Security compliance validation for IT initiatives and environments

• Review of audit trails and reporting of security issues

• Participation in investigations and recommendation of corrective controls

• Management of third party security and cloud service providers

• SLA monitoring and vendor coordination

• Communication of security events, risks, and updates to stakeholders and leadership

• Coaching and training of IT team members and employees on security practices

• Contribution to cross team improvement and compliance initiatives

Position Key Responsibilities:

• Coordinate daily with a multitude of third-party vendors ensuring adherence to contracted SLAs.

• Work with management on location specific budgets, forecasts, and monthly expenses.

• Analyze data from monitoring activities and define comprehensive, system wide improvements.

• Perform activities relating to site safety and security, disaster recovery, and business continuity planning.

• Maintain location specific facility systems which include data center equipment, identification system, and electronic security access.

• Act as Level 1 incident commander for Cyber Security Management team

• Provide a high standard of customer services to our internal and external partners.

• Prepare status reviews and reports

• Maintain the necessary project plans and documentation of all system builds and modifications.

• Work with project teams to understand business needs and to deliver and implement projects.

• Communicate IT security related events and notifications to stakeholders, IT teams, and leadership.

• Recommend procedures and controls for problem resolution or creates temporary solutions until permanent solutions can be implemented.

• Ensure compliance with IT policies, procedures and standards.

• Report security issues when appropriate and gathers required information.

• Analyze audit trails to detect systematic security violations.

• Make recommendations to improve security and participates in investigations as needed.