Information Security Analyst - Policy Assistant

At Umpisa Inc., our mission is to make the Philippines be known globally as a tech hub. 

Umpisa Inc. is a progressive technology services company that partners with select industries, clients and people to work on pioneering and industry-changing solutions via digital transformation, modern software development and venture building.

We create a set of world-class and impactful products and solutions to help organizations and individuals live better lives. We offer demanding, challenging and rewarding careers in software development, product development, emerging technologies, and more for the right candidates.

As Information Security Analyst - Policy Assistant, you will:

• Assist the Information Security Officer with reviewing, updating and documenting changes to existing and new information security policies, procedures and internal standards, to meet and comply with regulatory, industry and cybersecurity requirements
• Assist the Information Security Office in presenting and communicating security policies, procedures, standards, best practices, guidance and controls to review committees and other stakeholders
• Perform business analysis by working with cross-functional internal stakeholders and external clients to understand their business needs and establish, design, build, and operationalize necessary policies, procedures, standards and guidelines.
• Research and perform gap analysis over existing and new cyber security regulatory requirements, compliance regulations and policies, and recommend changes accordingly.
• Compliance Monitoring: Support the implementation and monitoring of security policies to ensure compliance with applicable laws, regulations, and industry standards (e.g. ISO 27001, NIST)
• Participate in internal, external or regulatory audits as required. 
• Other work or projects as assigned.

Requirements

Essential Skills:

• Aligns with our values: Excellence, Integrity, Professionalism, People Success, Customer Success, Fun, Innovation and Diversity
• Strong communication skills
• Strong problem solving and analytical skills
• Excellent problem-solving ability
• Would like to work as part of a self-organizing Scrum team in a scaled agile framework
• Must be a self-starter and loves to collaborate with the team and client.

Minimum Requirements:

• A minimum of 3 years of relevant working experience in information security, compliance, and analyzing information security policy requirements and recommending changes.
• Experience communicating policies and compliance requirements with both technical and non-technical audiences at various levels in the organization.
• Good experience in establishing and performing policy, standard and procedure assessment in a cloud-based environment, technologies, and services.
• Good experience defining, revising, and implementing corporate information security policies, standards, processes, guideline, and related regulatory expectations.
• Familiarity with various industry frameworks and requirements including NIST framework, ISO 27001, PCI DSS, SOC 2, etc.
• Passionate in ensuring the confidentiality, integrity, and availability of our critical assets and contributing to our organization's information security initiatives by applying your knowledge and attention to details.
• Able to work and communicate well with different stakeholders. 
• Remains composed when decisions have to be made quickly.

Preferred:

• Good understanding of regulatory requirements in different markets the organization operates (e.g., MAS, HKMA, FSC, BNM, BSP, BOT).
• Experience working on cloud technology and services. 
• Good understanding of security risk and compliance assessment, process, and procedures
• Good to have Cybersecurity Fundamental certifications such as CompTIA Security+, ISC, etc
• Able to develop and implement new and improved ways of doing work; encourage staff and guide organization and foster a positive security behavior and posture.

Benefits

• HMO
• Paid Time Off
• 13th Month Pay
• Training Benefits
• Allowance