Manager, Information Security

About Us

Quantrics Enterprises, Inc. is a premier global provider of customer-centric solutions. Our commitment to excellence and innovation has positioned us as a leader in delivering cutting-edge digital services to our exclusive partners.

Position Overview:

As an Information Security Manager, you will develop your skills in a supportive environment while managing and enhancing the organization’s security maturity and posture.

You will have the opportunity to:

• Create and enforce security policies, protocols, and procedures tailored to the organization's needs.
• Identify, assess, and mitigate security risks to protect the company from threats such as cyberattacks, data breaches, and insider threats.
• Regularly conduct security assessments, monitor systems for vulnerabilities, and ensure the application of effective security controls.
• Lead or participate in the response to security incidents, including investigating breaches, coordinating with response teams, and implementing corrective actions to prevent recurrence.
• Organize and facilitate security training programs for employees in collaboration with the HR Learning and Development team.
• Prepare for and conduct internal and external audits, including evidence collection, documentation, and remediation of findings.
• Collaborate closely with IT, HR, physical security, and other departments to ensure cohesive security practices and compliance across the organization.
• Evaluate third-party vendors to ensure they adhere to the organization’s security requirements.

You will be an ideal candidate if you have:

• Education: Bachelor’s degree in Information Security, IT, Computer Science, or another relevant discipline; degrees in other fields with relevant experience, background, and a comparable profile.
• Experience: Minimum of 3-5 years of experience in information security, information assurance, security compliance project management, IT/systems audit, risk management, or related areas.
• Technical Knowledge: Solid understanding of information security principles, risk management, threat analysis, security architecture, data protection, identity and access management, compliance standards, incident response, vulnerability management, secure software development concepts, and the anatomy of hacking and intrusion attacks.
• Knowledge of Security Operations: Familiarity with cybersecurity monitoring, developing, implementing, and reviewing security controls, knowledge of Active Directory, O365, cloud platforms, networking and programming concepts.  Previous experience with security technologies (e.g. firewalls, VPN, IDS/IPS, antivirus/EDR, access management) is desirable.
• Understanding of Compliance Requirements: Knowledge of regulatory requirements and standards (e.g., Data Privacy Act 2012, GDPR, PCI-DSS, SOC 2, ISMS ISO 27001, NIST CSF).
• Certifications: There is no substitute for experience. Certifications are desirable but not required — entry-level (e.g., CompTIA Security+, SANS GSEC, ISACA Cybersecurity Fundamentals, ISC2 Certified in Cybersecurity (CC) and advanced (e.g., CISSP, CISM, CEH).

Soft Skills:

• Problem-Solving Abilities: Strong analytical and critical thinking skills to identify security risks and develop effective mitigation strategies.
• Attention to Detail: Meticulous in enhancing security processes, spotting anomalies, conducting investigations, and maintaining accurate security documentation.
• Communication Skills: Excellent written and verbal communication skills, with the ability to develop security policies, documentation, and awareness programs, and effectively convey security concepts to both technical and non-technical audiences.
• Adaptability and Resilience: Ability to remain calm and focused under pressure, such as during security incidents.
• Customer Focus: Understanding of balancing security needs with business objectives.
• Project Management: Experience managing security projects, such as achieving security certifications, coordinating training programs, collaborating with outsourced security operations (SOC), and enhancing security documentation and its lifecycle.
• Team Leadership: Ability to build, lead, and motivate high-performing teams, foster collaboration, effectively delegate, resolve conflicts, and drive continuous improvement. 
• Continuous Learning: Passion for learning and staying updated on security trends, threats, tools, and best practices.

Reporting to : Director, Information Security and Corporate Resilience

Reporting to : Taytay, Rizal with possibility to travel in Naga and San Mateo

If this role sounds interesting to you, please click apply. We’d love to hear from you!