Security Risk Analysts

The Security Risk Analyst acts as level 1 SPOC for Security and Privacy Risk Management. This includes, but not limited to Firewall policy approval for BAU request, IAM Access review and approval and assessment\approval of new software, DLP blocking, and review of VE’s laptop attestation certificates.
 

Location: YONDU HQ

Status: For Pooling

# of Positions Available: 1

Job Description
  • Monitors daily SRM email correspondence and responds to it based on agreed SLAs.
  • Generates and consolidates Monthly SRM KPI metrics reports.
  • Maintains completeness and updates of relevant SRM documents.
  • Monitors compliance to risk acceptance/ deviation request completion.
  • Monitors monthly vulnerability assessment report for production systems.
  • Monitors completeness of SRM Asset inventory database.
  • Conducts vulnerability scan activities for Globe Assets during project and production systems. This includes OS, Web, Database, APIs, and devices.
  • Conducts system hardening of servers based on Globe security standard, Agent installations, and ensuring that all systems are integrated to security platforms.
  • Manages and maintains SPRM tools and platforms managed by the team, this includes but not limited to VA scanners, SRM automation tool, AWS Compliance dashboards, Tableau, etc.
  • Other job-related activities that may be assigned from time to time.
     
Job Qualifications/Requirements
  • Education –  At least graduate of B.S. in Electronics and Communications Engineering, Computer Science/Engineering or any IT-related courses (should be 4-5 years course)
  • Training in Information Security, Linux, Windows, Project Management, Business Process Admin
  • Related Work Experience – At least 2-3 years work experience in Telecom or IT (IT systems/network administration, preferably hands-on experience in Server Operating System (Windows, UNIX/Linux) or network devices; IT security systems administration (Firewall/VPN, Intrusion Prevention Systems, Antivirus/Anti-spam, URL filtering, Encryption, etc.), Network Design/Engineering/Operations/Service Management
  • Knowledge –  Knowledgeable in the following:
    • IT systems/network administration, preferably hands-on experience in Server Operating System (Windows, UNIX/Linux) or network devices; IT security systems administration (Firewall/VPN, Intrusion Prevention Systems, Antivirus/Anti-spam, URL filtering, Encryption, etc.),
    • Working knowledge in Cloud platform ( AWS, Google, Azure, Openstack, VMWare)
    • Systems Integration
    • Telecom Network and Protocols
    • IT Audit Process
  • Skills:
    • Must have  good written and verbal communication skills
    • Must have initiative and creativity to understand, anticipate, and meet users’ requirements for website content.
    • Must have attention to detail
    • Must have the ability to work with minimum supervision and able to provide guidance to new team members.
    • Must have the ability to collaborate and build rapport with others.
    • Must have the ability to solve practical problems.
    • Must be adept to work in a fast-paced environment with tight SLAs.