IT Security and GRC Support

We're Hiring: IT Security and GRC Support!

Looking for a role that fosters collaboration, creativity and career growth in a vibrant office environment We got you covered!

We are currently on the lookout for an IT Security and GRC Support to join our team at Cloudstaff, the #1 workplace everywhere! Think you qualify for the role Attach a 1-2 minute video intro and introduce yourself to us so we can meet you virtually. Attach this together with your updated CV to become a priority applicant!

Role: IT Security and GRC Support

Work Arrangement: Work from Home

Location: Philippines - Any CS Branch (Makati, Ortigas, Pampanga, Tarlac, Cebu, Davao)

Schedule: Morning shift

Job description:

MAJOR OBJECTIVES

• Assist with maintaining the organisation's cyber security governance and compliance framework, including the ISO/IEC 27001 Information Security Management System (ISMS) and Australian Essential Eight maturity program.
• Maintain security documentation, registers, and evidence required for compliance monitoring, reporting, and audit activities.
• Support the day-to-day operation of cybersecurity by monitoring security alerts, logs, and system notifications, and carrying out routine operational administration across the organisation's security tools and platforms.
• Perform routine operational cybersecurity and governance tasks to ensure security controls remain effective and the efficient operation of the IT Security function.

KEY OUTCOMES, TASKS & DUTIES

IT Security Monitoring Support

• Monitor security alerts, logs, and system notifications across security monitoring and security tooling platforms.
• Review and action security alerts escalated by the managed security service provider (MSSP) and coordinate internal investigation or remediation activities where required.
• Assist with collecting logs and supporting information during security investigations.

Governance & Compliance Support

• Maintain and enhance ISMS documentation, security registers, and compliance evidence, including drafting updates and new documentation as required.
• Assist with audit preparation and evidence collection activities.
• Support monitoring and documentation associated with the organisation's ISO/IEC 27001 ISMS and Essential Eight program.
• Maintain IT Assurance and Compliance calendar.
• Assist with third-party and supplier cyber security risk assessments.
• Operational Security Support
• Perform routine administrative and operational activities across the organisation's IT security tooling environment.
• Assist with vulnerability remediation and security configuration activities in coordination with IT teams.
• Support reporting activities and operational security reviews (e.g., Access Reviews) as required.

EXPERIENCE AND TECHNICAL CAPABILITIES

• Strong communication and documentation skills
• Experience creating and maintaining documentation and registers associated with ISO/IEC 27001 or similar security frameworks.
• Experience working within a multi-regional enterprise IT environment with exposure to cybersecurity operations
• Experience supporting patching and vulnerability remediation activities across Windows client and server environments.

Technical Experience, Exposure to enterprise security technologies such as:

• Microsoft Active Directory / Microsoft Entra ID
• Endpoint Detection and Response (EDR) platforms (e.g. CrowdStrike or Microsoft Defender)
• Vulnerability management platforms
• Microsoft security and endpoint management technologies or similar enterprise security tooling.

Qualification and requirements:

• Relevant tertiary qualification in Information Technology, Cyber Security, or a related discipline, or equivalent industry experience.
• ISO/IEC 27001 Foundational or similar framework training.
• Industry certifications such as the following are desirable:
• CompTIA Security+
• Microsoft Security certifications
• Other relevant security certifications.

Non-negotiable skills & requirements:

• Strong communication and documentation skills
• Experience creating and maintaining documentation and registers associated with ISO/IEC 27001 or similar security frameworks.
• Experience working within a multi-regional enterprise IT environment with exposure to cybersecurity operations
• Experience supporting patching and vulnerability remediation activities across Windows client and server environments.

Technical Experience, Exposure to enterprise security technologies such as:

• Microsoft Active Directory / Microsoft Entra ID
• Endpoint Detection and Response (EDR) platforms (e.g. CrowdStrike or Microsoft Defender)
• Vulnerability management platforms
• Microsoft security and endpoint management technologies or similar enterprise security tooling.

Perks & Benefits:

• Comprehensive health and life insurance on your 16th day of employment, covering 1 free dependent on the 16th day of employment
• Flexible leave credits which may be used for vacation, emergency and sick leaves
• Quarterly perks boxes for WFH staff, offering groceries and snacks to keep you fueled
• Superb and exciting Mid-Year Parties – with items to give away and cash prizes!
• Endless opportunities for career advancement
• Annual Performance Review with Salary Increase
• We set you up for success with a company-provided PC/Laptop and fiber internet connection
• Tech-on-wheels Support
• Participate and join our CS Social Clubs and Special Interest Groups to connect with colleagues
• International career growth and connections
• Unlimited cash incentives for hired referrals
• Mental Wellness Employee Assistance program through Lifeworks
• In-house psychiatrist available to support employees well-being
• Become part of the Employee Share Units program
• Cloudstaff Dream Points - To be used for bidding useful items like appliances, kitchenettes etc.

Cloudstaff : Build Your Career, Anywhere

Established in 2005, Cloudstaff is a leading outsourcing company that empowers businesses to thrive through smarter talent solutions. We're passionate about creating a work environment that fosters your professional growth and overall well-being.

Why Cloudstaff is the #1 Workplace

• Award-winning Culture: We're committed to building the #1 Workplace Everywhere, with a proven track record of staff engagement initiatives and industry recognition
• Invest in You: We support your development through comprehensive training programs, mentoring and opportunities for career advancement
• Thrive as an Individual: We offer a strong work-life balance with flexible schedules, meaningful perks and a collaborative team environment.

**To become a priority applicant, please share a 1-2 minute video introduction detailing you experience in this specific role. You can upload your video to the CSJobs platforms. Please use a clean, distraction-free background and speak clearly and articulately.**