Perusahaan | Stradcom CorporationLihat lainnya |
Alamat | Quezon City, Philippines |
Bentuk pekerjaan | Toàn thời gian |
Kategori | Umum / Lain-lain |
Uraian Tugas
- Development, implementation and maintenance of Security Programs, Policies and Procedures
- Supports in the development of applicable globally-accepted standards, guidelines and procedures to achieve compliance to security policies and programs
- Contributes in the formulation and enhancement of the corporate Information Security Policy
- Implements and maintains established Information Security management program of the company
- Maintains reliability and integrity of the IT infrastructure by developing, implementing and exercising:
- Comprehensive Business Continuity Plan (including documentation of detailed procedures) to help the organization achieve recovery capabilities at an alternate site (Disaster Recovery Center)
- Incident Management Process (including documentation of detailed procedures) how to handle security incidents
- Other security programs in pursuit of new regulatory or legal compliance as authorized and approved by the Management
- Development, implementation and maintenance of IT Risk Management Process for IT Infrastructure
- Assists owners/custodians identify, evaluate, assess and secure their information assets
- Assists in determining the security posture of IT systems, applicability and effectiveness of implemented controls
- Generates and submits compliance and security assessment findings, recommendations and reports to the department manager
- Research and development of applicable controls from emerging security trends and technologies
- Selects, evaluates, recommends security controls
- Monitors and generates reports of the security program implementation, business continuity and recovery testing and activities during security assessments
- Development, implementation and maintenance of Procedural and Technical Security Controls
- Implements recommended security controls resulting from the risk assessment
- Monitors and generates reports of system status, performance and security events of implemented security controls
- Resolves issues arising from problems encountered on implemented security controls and/or escalates to third-party technical support
- Monitors and handles security incidents in accordance to established Incident Management Procedure which may involve coordination with other departments and external parties
- Maintains technical security controls managed by the department by conducting regular maintenance activities not limited to backup of systems
- Develops and maintains processes, procedural documents and up-to-date inventory of deployed and implemented security controls
- Observes and facilitates change management process for equipment, facilities, hardware and software utilized in the IT infrastructure
- Extended Delivery of Security Services (Security Education/Awareness Program, Consultancy and others)
- Supports in the development and conduct of approved Information Security awareness program to all employees and third-party personnel engaged with the company
- Assists in providing technical consulting services in accordance with approved standards to other departments on matters related to Information Security
- Assists the department in coordination with the Legal Division to achieve regulatory and legal compliance
- Works with internal and external/third-party auditors and consultants
- Coordinates with other Technical teams so that reliable and secure services are provided to internal and external clients
- Supervises the activities of third-party personnel/consultant whenever they are working on-site
- Regularly attends conferences, professional association meetings and technology seminars to remain well-informed with the latest Information Security technological developments.
- Performs other job-related tasks and projects that may be assigned by his/her superiors from time to time.
Meminta
- Knowledge of information security management systems and information security governance (information risk management, business continuity and recovery strategies, incident handling concepts), security administration, network systems, operating systems,
- College graduate of Electronics & Communications Engineering or Information Technology or any related course
- At least 3 years in IT industry and 1 year expereince as Information Security Officer
Refer code: 740810. Stradcom Corporation - Hari sebelumnya - 2024-04-16 16:20