Information Security Officer

Pasay, Philippines

Applications have closed

TSA Group

TSA is a leading customer experience, call centre outsourcing, tech transformation, bespoke consulting, customer support provider in Australia. Learn More.

View all jobs at TSA Group

Company Description

Who are we?

TSA is an Australian-owned business specializing in helping companies acquire, retain and grow their consumer customer bases. We represent some of the country's largest brands, across eight call centres in Australia and internationally.

We’re a purpose driven business and our mission is clear. We endeavor to create experiences that people love, by revolutionizing the way they connect and communicate with brands.

What should you expect from this role?

  • Competitive Salary Package
  • Onsite Work Set Up 
  • Monday to Friday shift (9AM - 6PM) 
  • 2 Full time Roles Available

Job Description

The Information Security Officer will plan, implement, upgrade, and monitor security protocols for the protection of the TSA’s computer networks and information.   

The Information Security Officer will foster collaboration between IT and business units, ensuring compliance in Technology programs and projects, and working closely with Internal and External Audit teams throughout the process. They will also manage the process of gathering, analysing, and assessing information security and privacy threats while maintaining and monitoring evolving security best practices. 

Information Security Officer will be responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks. This individual will be an integral part of the Information Technology organisation reporting directly to the VP of Engineering to help improve and communicate the maturity levels of information security, state of cybersecurity and IT risk practices across TSA. 

Responsibilities

  • Document controller
    - Collate and organise documents related to compliance against international standards and regulatory requirements
    - Engage with ISMS stakeholders and other business unit heads and representatives in collecting pertinent documents
    - Manage documents and track versions, changes, and revisions according to emerging trends, regulatory and industry standard requirements
  • Compliance management
    - Work with the information security team in performing gap analysis, policy and procedure development
    - Review and assess compliance of initiatives against adopted standards of the organisation (ISO 27001:2022, PCI DSS, etc.)
    - Review and assess compliance requirements against regulations of Office of the Australian Information Commissioner (OAIC), National Privacy Commission (NPC) for the Philippines, and Office of the Privacy Commissioner (OPC) for New Zealand.
    - Review and assess compliance requirements against other pertinent regulations such as GDPR and other similar privacy and security regulations, and international standards such as CIS Controls, NIST CSF 2.0, NIST RMF, and other similar standards.
  • Governance and risk management
    - Assist the information security team in engaging with ISMS stakeholders of the TSA security governance program initiatives and requirements.
    - Assist the information security team in third-party risk management and other pertinent process and procedures related to managing security risks over vendors and third-party service providers.
    - Perform risk assessments and risk reviews pertinent to the ISMS according to ISO 27001, PCI DSS and other relevant security and privacy standards.
    - Provide security awareness to all employees by means of presentations, communications and other methodologies adopted by TSA and provide recommendations for strengthening and ensuring delivery of the security awareness campaign.
  •  Security Incident management
    - Work with the information security team in reviewing, revising, and developing incident response plan and playbook
    - Regularly perform preparations and capability assessments and testing of incident response of TSA
    - Collaborate with information security team and IT specialists and engineers in determining areas for improvement with regards to incident response handling
  • Cyber threat intelligence and vulnerability management
    - Perform threat intelligence through OSINT and other open-source methodologies
    - Assist the information security team in preparation and planning VAPT and red teaming activities
    - Develop, collate, and manage related documents in threat and vulnerability management.

Qualifications

Essential: 

  • BS IT, IS, Comsci, or other related tech or security courses or equivalent trainings and experience.
  • Must have at least 3 years of experience as a SOC analyst, security analyst, GRC analyst, IT audit or similar experience.
  • Desired certifications or certificate (Certificate of course completion are considered): 
    - CompTIA Security+
    - CCNA Security
    - ISO 27001 LI / LA
    - ISC2 CC or SSCP
    - ISACA CSX-P, CCOA
    - Higher certifications will be greatly considered but not necessarily required (CISSP or associate of ISC2, CISA, CISM, GCIH, or similar)
  • Desired skills and knowledge:
    - Security risk management
    - Project management
    - IT or IS auditing
    - Incident response
    - ISO 27001 foundation, implementation and/or auditing
    - Threat intelligence and/or knowledge in threat hunting and threat modelling
    - Familiar with security and network tools such as CrowdStrike.

Additional Information

At TSA, the health, safety and well-being of our team is our number one priority! In response to the COVID-19 pandemic we have introduced a number of robust practices to keep our team safe, such as; physical distancing measures, control measures for our visitors, temperature testing, isolation requirements where applicable and so much more.

We take our responsibility to protect the health and well-being of our team and our community very seriously.

IMPORTANT: The Inter-Agency Task Force for the Management of Emerging Infectious Diseases (IATF) issued Resolution No. 148-B which states that, effective December 1, 2021, all employees reporting on-site must be vaccinated against COVID-19. If you have questions regarding this guideline, please make sure to discuss this with our Recruitment Team during job offer.

Like & Share the TSA FB Page and be up to date with TSA News!

Facebook PH

Check out our social media pages:

TSA Website

Instagram

LinkedIn

Philippines Office address:

14F Five E-com Center, Harbor Drive, Mall of Asia Business Complex, Pasay City, Metro Manila, Philippines 1300

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Audits CISA CISM CISSP Compliance CompTIA CrowdStrike GCIH GDPR Governance Incident response ISACA ISMS ISO 27001 Monitoring NIST OSINT PCI DSS Privacy Red team Risk assessment Risk management RMF SOC SSCP Threat intelligence Vulnerability management

Perks/benefits: Career development Competitive pay

Region: Asia/Pacific
Country: Philippines

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.