Jr. Infosec Officer - Security Risks

Company Description

Who are we?

TSA is an Australian-owned business specializing in helping companies acquire, retain and grow their consumer customer bases. We represent some of the country's largest brands, across eight call centres in Australia and internationally.

We’re a purpose driven business and our mission is clear. We endeavor to create experiences that people love, by revolutionizing the way they connect and communicate with brands.

What should you expect from this role?

• Competitive Salary Package
• Onsite Work Set Up 
• Monday to Friday shift (9AM - 6PM) 
• 2 Full time Roles Available

Job Description

The Jr. Information Security Officer for Security Risks or Security Risk Officer will be responsible for conducting security risk assessments, security incident management, cyber threat intelligence to support TSA’s Information Security Program and improve the organisation’s security posture. This role ensures timely delivery of cyber threat reports to relevant audience, i.e. Tech Team, the Group Leadership, Executive Leadership, and companywide.

The Security Risk Officer will work closely with the Information Security team with regards to the implementations of the organisation’s Information Security Program, IT department, and other business units. The collaboration will mostly involve security awareness campaigns, IT risk mitigation strategies, and management of attack surface of the organisation.

Responsibilities

• Cyber threat intelligence and vulnerability management
  - Support and lead the TSA Threat Hunter’s Council members in performing physical and cyber security
  - Lead the threat intelligence initiatives through collection of reports from OSINT resources.
  - Lead the assessment of threat reports and provide result of assessments to intended audience such as System Administrators, Network Engineers, DevOps, and other business units.
• Exposure and attack surface management
  -Monitor and manage security events using tools such as CrowdStrike Falcon Complete, Proofpoint Email Security Platform, CATO Management Application (CMA).
  -Assist the system administrators in monitoring security related events and initiatives in Microsoft Entra ID, Active Directory, Microsoft Intune, and other server and system tools.
  -Assist the network engineers in monitoring security related events and initiatives in CATO, PRTG, Gray log, and other network tools.
  -Participate in VAPT activities and assist in scoping, determining test methodologies, and other relevant requirements.
  -Participate and track remediation activities from VAPT, risk assessment, and other vulnerability assessment and scanning activities performed internally or externally.
• Governance and risk management
  - Assist the information security team in engaging with ISMS stakeholders of the TSA security governance program initiatives and requirements.
  - Assist the information security team in third-party risk management and other pertinent process and procedures related to managing security risks over vendors and third-party service providers.
  - Perform risk assessments and risk reviews pertinent to the ISMS according to ISO 27001, PCI DSS and other relevant security and privacy standards.
  - Provide security awareness to all employees by means of presentations, communications and other methodologies adopted by TSA and provide recommendations for strengthening and ensuring delivery of the security awareness campaign.
•  Security Incident management
  -Support in the development, review, updating of the Information Security Incident Response Plan and Playbooks (SIRP)
  -Regularly perform preparations and capability assessments and testing of incident response of IT and other business units
  -Collaborate with Information security team, Organisational Resiliency, IT SMEs in determining areas for improvement with regards to incident handling
• Cyber threat intelligence and vulnerability management
  - Perform threat intelligence through OSINT and other open-source methodologies
  - Assist the information security team in preparation and planning VAPT and red teaming activities
  - Develop, collate, and manage related documents in threat and vulnerability management.

Qualifications

Essential: 

• BS IT, IS, Comsci, or other related tech or security courses or equivalent trainings and experience.
• Minimum 3 years’ experience as a SOC analyst, Systems Security or Network Security Administration, IT security officer, Security GRC analyst, or similar.
• Must have technical awareness and familiarity of security controls and frameworks based on ISO27000 family of standards, Australian Signals Directorate Essential 8, NIST CSF 2.0 and NIST SP 800-53, PCI DSS requirements and systems
• Knowledgeable in handling security incidents and working with tech team to resolve issues related to security.
• Knowledgeable in security tools such as SASE, EDR and email security gateway platforms like CATO, CrowdStrike, and Proofpoint.
• Must have excellent communication skills including ability to write and speak comfortably and articulate technical matters to non-technical audience.
• Must have excellent work ethics and ability to work with various business units and deliver initiatives effectively and efficiently.

Additional Information

At TSA, the health, safety and well-being of our team is our number one priority! In response to the COVID-19 pandemic we have introduced a number of robust practices to keep our team safe, such as; physical distancing measures, control measures for our visitors, temperature testing, isolation requirements where applicable and so much more.

We take our responsibility to protect the health and well-being of our team and our community very seriously.

IMPORTANT: The Inter-Agency Task Force for the Management of Emerging Infectious Diseases (IATF) issued Resolution No. 148-B which states that, effective December 1, 2021, all employees reporting on-site must be vaccinated against COVID-19. If you have questions regarding this guideline, please make sure to discuss this with our Recruitment Team during job offer.

Like & Share the TSA FB Page and be up to date with TSA News!

Facebook PH

Check out our social media pages:

TSA Website

Instagram

LinkedIn

Philippines Office address:

14F Five E-com Center, Harbor Drive, Mall of Asia Business Complex, Pasay City, Metro Manila, Philippines 1300