INFORMATION SECURITY ANALYST

About Security Bank

We are the Philippines' largest independent bank, having won countless awards over the years, including Philippines' Top Employer, named by Statistica, and Best Bank for Diversity and Inclusion, awarded by Asiamoney.​​

We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered.​
​
Now, with more than 300+ branches nationwide, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.​

In our constant pursuit of excellence and improvement, we create teams that support our business and each other. 

About the role:

As an Information Security Analyst, you will be responsible for helping develop IT security controls and initiatives that align with regulatory requirements, SBC's business objectives and our established Information Security Program. S/He provides support to the development of controls and standards in the areas of application & infrastructure security, cloud security, cryptography, incident response, vulnerability management, and IT resiliency. S/He is also responsible for supporting the maintenance, measurement, monitoring and reporting of established IT security KPIs.

How you'll contribute: 

• Supports other departments in the division in matters of IT security controls implementation, IT Security solutions development, security and standards compliance.
• Monitors management metrics (performance and alignment of the strategy) and technical metrics (how well the security controls are working) to measure achievement of IT security KPIs within the division.
• Consolidates and generates management reports and dashboards based on predefined and approved SLAs.
• Helps monitor and evaluate the maturity of IT security control implementations and measures compliance across the IT Security Operations, IT Security Engineering, & IT Security Assessment teams
• Contributes to the achievement of IT Security Operations and Governance Division’s Strategic Plans
• Supports a positive and collaborative digital delivery culture with a philosophy of continuous improvement, development, innovation and excellence, while remaining in compliance with the bank’s policies and procedures and upholding the highest standards of professional conduct.

What we’re looking for

• Knowledge of information security principles and practices, as well as a deep understanding of security risks and threat vectors.
• Familiarity with security regulations and standards, such as PCI DSS, NIST, and ISO 27001.
• Ability to identify and assess potential security risks, and to develop and implement mitigation strategies.
• Familiarity with security technologies and solutions, such as firewalls, intrusion detection and prevention systems, and encryption technologies.
• Knowledge of security best practices, including risk assessment and management, threat intelligence, incident response, and disaster recovery.
• Knowledge of network architecture and protocols, and an understanding of how to secure network and system infrastructure.
• Familiarity with application security, including secure coding practices and threat modeling.
• Understanding of cloud security concepts and best practices, particularly as they relate to public cloud platforms such as AWS, Azure, and Google Cloud.