SUBSIDIARY ABS-CBN Corporation
POSITION Senior Security Analyst – Ethical Hacker
WORK LOCATION National Capital Region
DATE POSTED November 29, 2017

BUSINESS SUMMARY

ABS-CBN Corporation is the Philippines' leading information and entertainment multimedia conglomerate. The Company is primarily involved in television and radio broadcasting, as well as in the production of television and radio programming for domestic and international audiences and other related businesses. ABS-CBN produces a wide variety of engaging, world-class entertainment programs that are aired on free-to-air television.

The Company is also one of the leading radio broadcasters, operating eighteen radio stations throughout the key cities of the Philippines. ABS-CBN provides news and entertainment programming for nine channels on cable TV and operates the country's largest cable TV service provider. The Company also owns the leading-cinema and music production and distribution outfits in the country. It brings its content to worldwide audiences via cable, satellite, online and mobile.

The Company has interests in content development and production, cable and satellite television services, merchandising and licensing, mobile and online multimedia services, glossy magazine publishing, video and audio post production, and overseas services, all of which complement and enhance ABS-CBN's strength in content production and distribution.

RESPONSIBILITIES

    Conduct advanced penetration tests to identify vulnerabilities in computer systems, networks, applications, web and other systems which could be targets or penetrated by threat actors. Be familiar with the infrastructure of the company and its business operations. Conduct and analyze risk assessments and assist to put in place measures to control vulnerable areas. The ethical hacker must simulate breaches to network security and develop measures to lock down areas of risk. Strive to ensure that any information that could damage the reputation or finances of the company or its clients does not get compromised.
     
    Responsibilities:
    • Conduct daily vulnerability assessments and threat evaluation using available tools and solutions.
    • Conduct network, server, application, wireless, IOT, and web security assessments
    • Conduct penetration testing on identified targets on a regular basis
    • Review third-party VAPT and audit results
    • Basic Malware analysis
    • Work with the different IT Operations teams in identifying high-risk security issues and recommend appropriate solutions and strategies to mitigate the risks
    • Act as a level 2 resource for security analyst teammates
    • Be an SME for the different IT groups for penetration testing-related matters

REQUIREMENTS

    • Bachelor’s degree/College/University graduate on Computer Science, Computer Engineering, IT, ECE or related fields
    • Extensive working knowledge of different security technologies and concepts such as but not limited to Vulnerability Assessment (Qualys, Nessus, Tenable), Penetration Testing (Metasploit), SIEM, DLP, IPS/IDS, WAF, Cloud Security (CASB, NGFW), IAM, Cyber Incident Response, Digital Forensics
    • Must be practicing penetration testing for the last 2-3 years
    • Working knowledge of IT Infrastructure such as but not limited to network, systems, applications, etc.
    • Programming knowledge (Java, PHP, C++, scripting, etc.)
    • Minimum 6-8 years of work experience in IT and Information Security field
    • Analytical, organized, excellent oral and written communication skills
    • Must have an active certification/s (CEH, CISSP, CISM, GPEN, CPEH or equivalent)
    • *Willing to start by January 2018 onwards

Preference will be given to candidates who APPLY ONLINE.