The IT Security Lead is responsible for overseeing the security of the organization's information systems. This role involves managing the day-to-day security operations, 

developing and implementing security policies, leading incident response efforts, and 

ensuring compliance.

Key Responsibilities:

• Supervision and Leadership:
• Coordinate team activities, including monitoring, vulnerability management, and threat hunting efforts.
• Facilitate knowledge sharing and training to keep the team updated on the latest security trends and technologies.
• Security Operations:
• Oversee the monitoring of security alerts and incidents, ensuring timely investigation and resolution.
• Manage security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint security solutions.
• Lead incident response efforts, ensuring proper analysis, containment, and remediation of security threats.
• Policy Development and Compliance:
• Develop, implement, and maintain security policies, procedures, and guidelines in line with industry best practices (e.g., ISO 27001, NIST, PCI DSS)
• Ensure the organization complies with relevant regulatory requirements and internal security policies.
• Conduct security audits and assessments to identify potential risks and areas of improvement.
• Risk Management and Mitigation:
• Perform regular vulnerability assessments and penetration testing to identify security weaknesses.
• Work closely with other IT Teams to implement security controls and mitigate identified risks.
• Monitor the threat landscape and ensure that the organization’s defenses are continuously evolving.
• Project Management:
• Lead security projects, such as security tool implementation or system upgrades, ensuring timeliness and budgets are met.
• Collaborates with other departments (IT, legal, HR, etc.) to integrate security practices into business processes.
• Prepare and present reports on security performance, incidents, and trends to senior management.
• Security Awareness and Training:
• Develop and conduct security awareness training for employees to promote security-conscious behavior.
• Communicate security policies and procedures effectively across all levels of the organization.

1. Requires a bachelor’s degree with at least 2-3 years of experience in the field Information Technology specifically in Technical Support, Systems and Network Management.

2. Familiar with a variety of the field’s concepts, practices and procedures.

3. Familiar with the following concepts.

        a. LAN/WAN

        b. Internet VPN

        c. Email (POP3/IMAP Configuration)

        d. Proxy/ Firewall/ Content Filtering

        e. Switches, Wireless and Network Devices

        f. Antivirus, Anti-spam software, Anti-spyware

        g. Windows OS, Linux and other server and desktop operating systems

4. With innovative thinking and leadership skill and can motivate cross-functional, interdisciplinary teams.

5. Exceptional verbal and writer communication skills in English and Filipino.

6. Adaptability and strong technical problem-solving skills.

7. Ability to build rapport and collaborate with others within the company and externally.

8. Preferably with Customer Relationship training since the position will require coordination or interaction with clients and vendors at certain cases.

9. Knowledge of common information security management frameworks, such as  ISO/IEC 27001.

10. Experience with contract and vendor negotiations and management including managed services.

11. Ability to lead and motivate a team.