Senior Cyber Security Analyst

Hi! We're Smartsourcing, and we're looking for a full-time, on-site Senior Cybersecurity Analyst to strengthen our defences, support compliance initiatives, and guide the business through threat monitoring, identity management, and incident response readiness.

Where You'll Be: JEG Tower, Archbishop Reyes, Corner Acacia St., Barangay Kamputhaw, Cebu City, 6000 Cebu

The Cyber Security Analyst is responsible for protecting our IT infrastructure, users, and data. You\'ll help minimise risk from cyber threats, monitor and strengthen security controls, and ensure any incidents are handled quickly and effectively. Your work keeps the organisation secure and reduces the chance of future breaches.

Cybersecurity

• Assists in monitoring company compliance to IT security policies.
• Assist with incident response and execution of company security incident response plan.
• Monitor and manage security events and alerts from a variety of sources (Azure, Defender, Keeper, Cloudflare etc).
• Assess and mitigate CVEs and CVSSs from multiple threat intelligence sources.
• Monitor threat intelligence and ensure risk mitigation and communication through the company where necessary.
• Assist with cybersecurity and phishing training for staff.
• Assists in maintaining and implementing GPO policies in Azure.
• Implement Identity Management via SSO across all MS Azure compliant tools used by the business.
• Works with Network Specialist to manage and monitor VPN and firewall rules.
• Works with System Administrator manage and monitor Azure.
• Ensure that IT security audits are conducted periodically or as needed.
• Assist in the development and maintenance of the Business Continuity (BC) and Disaster Recovery (DR) plans.
• Assist in development, maintenance and testing of the company\'s security incident response plan.
• Develop and understand all testing necessary for a successful BC/DR execution.
• Assist and mentor desktop support and end users when they need to install or learn about new security products and/or procedures.

• Provide security reporting at multiple levels (Senior Leadership, Clients, Internal Teams).
• General task and project-level reporting.
• Weekly, monthly, quarterly, yearly, threat assessment and reporting.
• Perform other related duties as assigned.
• Own and update documentation for ISO audits.

KNOWLEDGE & EXPERIENCE:

(Includes technical knowledge, qualifications, legislation, regulations etc)

• Good understanding of risk, threat and vulnerabilities.
• Solid working knowledge of Microsoft Intune and Defender.
• Excellent understanding of technical security controls and solid implementation experience.
• Solid Microsoft Active Directory experience and/or certification.
• Prior experience with ISO documentation and standards is preferred.
• Solid understanding of the NIST Cybersecurity Framework.
• Solid knowledge of incident response principals.
• Solid knowledge of threat intelligence and frameworks such as MITRE ATT&CK
• Experience or exposure in IS027001 and SOC2 security frameworks
• Knowledge in Certificates, MFA, Vulnerability Management and Penetration Testing
• Knowledge on different IT domains - Network, Infrastructure, Systems Administration, Software Development, Database Administration, Change Management, Incident Management

SKILLS:

• String cybersecurity tooling (MDM, Endpoint protection, IDS, WAF, Password Manager)
• Ability to identify gaps and/or risk exposure in programs.
• Strong problem solving and organizational skills.
• Strong written/verbal communication skills.
• Able to interact with stakeholders in cross-functional teams.
• Good team player interested in sharing knowledge and cross-training other team members and shows interest in learning new technologies and products.
• Ability to create documents of quality.

ATTITUDES/BEHAVIOURS:

(Includes additional attributes which would facilitate best results from the role)

• Ability to work independently and with others.
• Extremely organized with strong time-management skills.
• Role models the company\'s values based culture.
• A professional approach - integrity, maturity, ethical and honest behaviour.
• Discreet with sensitive information.
• Results oriented.
• Client service focus.
• Detail oriented, analytical and inquisitive.
• Flexible attitude to work - prepared to do whatever is needed to achieve the required outcome.

Step Into the Smartsourcing Experience

Smartsourcing was created with one mission: to change lives. We\'re here to ensure that businesses flourish and, just as importantly, that every member of the crew is inspired, supported, and set up to thrive. For the fifth year running, we\'ve been recognized as one of HR Asia\'s Best Companies to Work For. This award isn\'t just a title--it\'s a testament to our commitment to making Smartsourcing an incredible place to build a career.

Why You\'ll Love Working Here

At Smartsourcing, we believe the best work comes from people who feel seen, heard, and valued. That\'s why we\'re all about fostering an environment where you can be your true self. We take pride in being certified as a Great Place to Work, because we know that when you love where you work, extraordinary things happen. Here\'s just a glimpse of what we offer:

• Weekends are yours (we respect your time off)
• 5-day Christmas Leave (unwrap real time off)
• Healthcare from Day 1 for you and your family (because healthcare matters)
• Free lunch and barista-crafted coffee daily (we take our caffeine seriously)
• Night shift differential for evening schedules
• Subsidized gym membership and sports wellness clubs including hiking and free-diving
• Smartsourcing Exclusives (deals made just for you)
• Themed BFFs, monthly knockoffs, summer parties
• Community give-back programs and personal development workshops
• And so much more!

We\'re not just another outsourcing company. We\'re building something that actually matters here a place where good work meets good culture.

If you\'re ready to push cybersecurity to the next level, this role is waiting for you. Apply now at Smartsourcing.