SUBSIDIARY ABS-CBN Corporation
POSITION Senior Security Analyst (For Pooling)
WORK LOCATION National Capital Region
DATE POSTED March 30, 2020

BUSINESS SUMMARY

ABS-CBN Corporation is the Philippines' leading information and entertainment multimedia conglomerate. The Company is primarily involved in television and radio broadcasting, as well as in the production of television and radio programming for domestic and international audiences and other related businesses. ABS-CBN produces a wide variety of engaging, world-class entertainment programs that are aired on free-to-air television.

The Company is also one of the leading radio broadcasters, operating eighteen radio stations throughout the key cities of the Philippines. ABS-CBN provides news and entertainment programming for nine channels on cable TV and operates the country's largest cable TV service provider. The Company also owns the leading-cinema and music production and distribution outfits in the country. It brings its content to worldwide audiences via cable, satellite, online and mobile.

The Company has interests in content development and production, cable and satellite television services, merchandising and licensing, mobile and online multimedia services, glossy magazine publishing, video and audio post production, and overseas services, all of which complement and enhance ABS-CBN's strength in content production and distribution.

RESPONSIBILITIES

    Provide Information Security Senior Level support and expertise in the following areas but not limited to: Governance, Policies, Processes, Vulnerability Management, Incident Management, Network Security, Server Security, Identity and Access Management, End-Point Protection, Application Security, Cyber Incident Response, Data Loss Prevention, User Awareness and Security Audit. 
    • Work with the different IT teams in identifying high-risk security issues and recommend appropriate solutions and strategies to mitigate the risks
    • Conduct Vulnerability Assessment using manual or automated tools and interpret the results
    • Conduct Penetration Testing when required or as necessary
    • Conduct Database and Application Risk Assessment
    • Analyze and provide own recommendations for assessments like Internal Audit, VA and PT among other if done by third party
    • Validate compliance on security requirements based on available standards and best practices
    • Validate remediation activities conducted by network, systems administrators and application developers
    • Assist in updating the risk treatment plan and collaborate with system owners of their immediate supervisors to maintain security risk levels to acceptable standards based on risk rating
    • Conduct review sessions with the different groups to assess new releases, new security risks, Access Reviews, maintenance and clean-up, security assessment and assurance reports, Standards update, etc.
    • Act as level 2 resource for security analyst teammates
    • Perform other routine IT risk and security administrative tasks
    • Be the SME for the different IT groups for InfoSec-related matters

REQUIREMENTS

    • Bachelor’s degree/College/University graduate on Computer Science, Computer Engineering, ECE or related fields
    • Working knowledge of different security technologies and concepts such as but not limited to VA/PT, SIEM, DLP for gateway and endpoints, NGFW, UTMs, IPS/IDS, WAF, Cloud Security Operations Center, Digital Forensics, User Awareness platforms, Patch Management
    • Working knowledge of IT Infrastructure such as but not limited to network, systems, applications, etc.
    • Programming knowledge (Java, PHP, C++, scripting, etc).
    • Minimum 6-8 years of work experience in IT and Information Security field
    • Analytical, organized, excellent oral and written communication skills
    • Preference will be given to applicants who has active certifications (CEH, CISSP, CISM, Security+, CCNA security, or equivalent)

Preference will be given to candidates who APPLY ONLINE.