Risk and Security Assessment Consultant

HRTX

Makati

On-site

PHP 700,000 - 900,000

Full time

Today

Job summary

A leading cybersecurity consulting firm in the Philippines is seeking a Risk and Security Assessment Consultant to conduct security and risk assessments, provide practical recommendations, and facilitate security training programs. The ideal candidate should have over 3 years of IT experience, specific security assessment background, and knowledge of data privacy frameworks. Strong communication and time management skills are essential for success in this role.

Qualifications

  • Over 3 years of experience in Information Technology.
  • Specific security assessments experience including Cloud Security Assessment.
  • Facilitated at least one IT Risk Assessment project.

Responsibilities

  • Conduct security and risk assessments and provide recommendations.
  • Engage in discovery workshops with key stakeholders.
  • Facilitate security training and awareness programs.

Skills

Information Technology experience
Security assessments
Data Privacy frameworks knowledge
IT Audit/Assessments
Technical writing
Effective communication
Time management

Education

Relevant certifications (CISSP, CISA)

Job description

About the job: Risk and Security Assessment Consultant

  • Conducts security and/or risk assessments in a fast‑paced environment and provides timely, practical recommendations to mitigate identified risks
  • Performs security and/or risk assessments in alignment with industry standards (ISO 27001/2, NIST, CIS, PCI DSS, SWIFT CSP, CSA CCM), regulatory requirements (BSP circulars and others), and best practices
  • Carries out maturity assessments in cybersecurity and information technology
  • Engages in discovery workshops with consultants and key stakeholders across IT and other business units
  • Participates in project presentations for client project teams and other key stakeholders
  • Facilitates security training and awareness programs

Qualification

  • Possesses over 3 years of experience in Information Technology
  • Holds 23 years of specific experience in security assessments, including Cloud Security Assessment, Third Party Security Risk Assessments, ISMS/NIST Assessment, SOC 2 Type 2 Assessment, RCSA, Configuration Review, Architecture Review, and Controls Review (must have)
  • Has facilitated at least one (1) IT Risk Assessment project
  • Experienced in Data Privacy frameworks such as PDPA, GDPR, and the Data Privacy Act of 2012
  • Experienced in conducting Security Awareness and Training initiatives
  • Has at least 1 year of consulting or advisory engagement experience (preferred)
  • Strong knowledge in IT Audit/Assessments and Maturity Assessments
  • Strong knowledge of information security standards and guidelines, including ISO 27001/2, NIST, CIS, PCI DSS, and SWIFT CSP
  • Understands local regulations such as BSP circulars
  • Knowledgeable in cloud computing, storage, security, and virtualization best practices
  • Effective communicator with the ability to interact across all organizational levels
  • Skilled in technical writing and infographic reporting
  • Strong time management skills, capable of multi‑tasking and handling shifting priorities
  • Demonstrated ability to deliver exemplary customer service to both internal and external stakeholders
  • Preferably holds at least one of the following certifications: ISC2 CISSP, ISMS LA/LI, ISACA CISA or CRISC, or certifications relevant to PCI DSS, SWIFT, HITRUST, and other industry security standards/guidelines