Cybersecurity/Information Security Administrator

The Cybersecurity / Information Security Administrator is responsible for safeguarding the organization’s information systems, networks, and data against internal and external threats. This role involves implementing, managing, and monitoring security controls, policies, and technologies to ensure confidentiality, integrity, and availability of information assets. The Cybersecurity Administrator also responds to incidents, performs risk assessments, and works closely with IT and business units to enforce best practices in information security and regulatory compliance.

Key Responsibilities and Duties
Administer and maintain security tools such as firewalls, SIEM, antivirus, endpoint detection and response (EDR), intrusion detection/prevention systems (IDS/IPS), and data loss prevention (DLP) solutions.
Monitor and analyze security alerts, logs, and events to detect potential threats or suspicious activities.
Respond to security incidents, perform root cause analysis, and implement corrective actions.
Manage user access, identity, and authentication systems, including multi-factor authentication (MFA) and privileged access management (PAM).
Conduct regular vulnerability assessments and penetration testing; oversee remediation efforts.
Implement and enforce security policies, standards, and procedures across the organization.
Ensure compliance with relevant regulations and frameworks (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS).
Provide security awareness training and guidance to employees.
Assist in disaster recovery and business continuity planning with a focus on security.
Document incidents, findings, and improvements for audit and compliance reporting.

Tasks
Configure and update security appliances, including firewalls and intrusion prevention systems.
Review system and application logs for signs of unauthorized access or anomalies.
Patch and harden operating systems, applications, and network devices against vulnerabilities.
Manage encryption for data in transit and at rest.
Conduct risk assessments and recommend security enhancements.
Simulate phishing attacks and track employee compliance with awareness training.
Collaborate with IT teams on secure configurations for servers, networks, cloud environments, and applications.
Prepare periodic security posture and incident response reports for management.
Participate in on-call rotation to respond to urgent security alerts.

Minimum Requirements
Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field (or equivalent work experience).
At least 3–5 years of experience in cybersecurity, information security, or IT security administration.
Strong understanding of cybersecurity principles, frameworks, and best practices.
Hands-on experience with firewalls, SIEM platforms, antivirus/EDR, and intrusion detection/prevention tools.
Knowledge of operating system security (Windows, Linux) and network protocols (TCP/IP, DNS, DHCP).
Familiarity with identity and access management (IAM), MFA, and PAM solutions.
Experience in conducting risk assessments and vulnerability management.
Strong analytical, incident response, and problem-solving skills.
Excellent communication skills and ability to document technical findings clearly.
Must be willing to work onsite in Davao City.
Must be amenable to work schedule changes.

Preferred Requirements
Industry certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, CISM, CISA, or GIAC certifications.
Experience with cloud security (AWS, Azure, GCP security controls).
Familiarity with Zero Trust security frameworks and modern endpoint protection.
Knowledge of regulatory compliance requirements (ISO 27001, NIST CSF, GDPR, HIPAA, PCI-DSS).
Experience in penetration testing and red team/blue team operations.
Proficiency in scripting or automation (Python, PowerShell, Bash) for security tasks.
Exposure to security orchestration, automation, and response (SOAR) platforms.
Background in forensic analysis and malware investigation.