Determine the risk position of PLDT group as a result of changes in the technology architecture, products and services.

• Execute or review a general security review based on company-accepted standards and good industry practices.
• Execute or review a compliance assessment of PLDT’s technology architecture, products and services to applicable regulations.
• Provide recommendations to improve the cybersecurity risk position of PLDT’s technology architecture, products and services as a result of technical security testing.

Assess and provide recommendations for requests that deviate from the PLDT group’s policies and standards

• Assess Non-standard internet access requests
• Assess installation of non-standard applications and granting of local admin rights to users
• Assess requests to use external storage devices

Project Management

• End to end project management to ensure that deliverables are completed within the planned timeline and/or service level objectives.
• First level quality control to ensure that relevant and up to date project records that document the work done and the recommendations delivered are maintained

People Management

• Provide timely and relevant upward and downward feedback on staff performance.
• Take an active role in the career development of staff

Qualifications:

• Bachelor's Degree
• At least 5 years' related work experience.
• Previous hands-on experience with system and/or network administration.
• Experience in system administration of Unix like Operating Systems and/or Windows as well as system services or daemons.
• Knowledgeable of TCPI/IP concepts and ability to analyze packet captures.
• Experience with various network and system security controls.
• Understanding on the anatomy of various security incidents, ex: CSS, CSRF, SQL Injection, DDoS, rootkits, malware, OS exploitation etc.
• Preferably with background in any of the following areas: Information Security (any field), Information Technology (any field), Telecommunications technology, Information Systems Audit, Operational Risk, Process and Policy Development, or Compliance.
• Proficient written and verbal communication skills.
• Must display clear and definite interest to pursue a career in information security.

Please refer to job description.