Deskripsi Pekerjaan
iBayad Online Ventures is seeking a proactive and detail-oriented Information Security Officer (Mid-Level) to join our growing team in Pasig City. In this critical role, you will be the guardian of our digital infrastructure, ensuring that our fintech solutions remain resilient against evolving cyber threats. You will collaborate with engineering teams to integrate security into every stage of the development lifecycle, fostering a culture of 'Security by Design' across the organization.
As a key member of our IT security group, you will not only manage compliance and risk mitigation strategies but also champion the adoption of automated security tools to streamline our operational efficiency. We are looking for a security professional who understands the balance between high-velocity development and robust data protection.
Tanggung Jawab
- Develop, implement, and monitor comprehensive information security policies and procedures.
- Conduct regular vulnerability assessments and penetration testing to identify and remediate security gaps.
- Collaborate with the engineering department to integrate and maintain Secure SDLC and DevSecOps best practices.
- Manage automated compliance tools to ensure continuous adherence to industry standards and regulatory requirements.
- Lead incident response activities and conduct thorough post-mortem analyses of security events.
- Perform regular security audits of cloud and on-premise infrastructure.
- Provide security training and awareness sessions for internal stakeholders and development teams.
Kualifikasi
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 3-5 years of proven experience in information security, risk management, or a similar capacity.
- Solid understanding of Secure SDLC principles and DevSecOps methodologies.
- Hands-on experience with automated compliance, vulnerability scanning, and security monitoring tools.
- Strong knowledge of information security frameworks (e.g., ISO 27001, NIST, PCI-DSS).
- Excellent analytical, problem-solving, and communication skills.
- Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, or CEH) are highly preferred.