Cyber Security Analyst

We are a dynamic and innovative company seeking a Cyber Security Analyst to join our team. In this role, you will be responsible for overseeing Jollibee North America’s Cyber Security including compliance with Payment Card Industry (PCI) Data Security Standard (PCI DSS), disaster recovery, and database protection. This role also works to plan and design security solutions and capabilities to identify, protect, detect, respond, recover from, and mitigate cyber threats and vulnerabilities.  Your strategic vision and technical expertise will be critical in protecting Jollibee and the team.

Responsibilities:

• Coordinate, manage, and maintain Cyber Security strategies and action plans for all Company information system assets, including disaster recovery, database protection, planning and designing security solutions and capabilities to identify, protect, detect, respond, recover from, and mitigate cyber threats and vulnerabilities. 
• Coordinate all information technology (IT) security-related compliance including but not limited to external/internal audits to ensure the security of all Company information systems assets. 
• Ensure compliance with Payment Card Industry Data Security Standard (PCI DSS) 
• Provide guidance and expertise to all teams on processes, controls, and objectives regarding audit and information security activities, best practices, and process improvement. 
• Maintain all Information Security Policy/Procedure documentation.
• Design action plans for policy creation and governance, disaster recovery, incident response and business continuity.  
• Develop security requirements using risk assessments, threat modeling, testing and analysis of existing systems.
• Execute security integration plans to protect existing infrastructure and to incorporate future solutions.
• Collaborate with IT Leadership to create clear, actionable Cyber Security Strategy with specific deliverables, timelines, and accountability to resolve information security issues and cybersecurity threats. 
• Utilize a variety of Cyber Security tools (SEIM, DLP, IPS, etc.) 
• Manage Security Awareness Campaigns Across all Business Units. 

Qualifications:

• Bachelor’s degree in Cyber Security, Information Technology, or a related field.
•  Industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH).
• A minimum of 2 years of relevant experience in the field of Cyber Security.
• Prior experience in the restaurant or hospitality industry is a plus.
• Knowledge of various operating systems (Windows, Linux, macOS) and their security configurations.
• Knowledge of network security, including firewalls, intrusion detection/prevention systems, and VPNs.
• Familiarity with encryption technologies, secure coding practices, and application security.
• Ability to conduct comprehensive risk assessments and vulnerability scans.
• Proficiency in developing and implementing risk management strategies to protect the organization's digital assets.
• Experience in developing, implementing, and enforcing security policies, procedures, and guidelines.
• Knowledge of regulatory compliance requirements, such as GDPR, PCI DSS, and HIPAA, as applicable.
• Strong incident response skills, including the ability to investigate security incidents, contain threats, and develop incident response plans.
• Familiarity with digital forensics tools and techniques.
• Competence in creating and delivering security awareness training programs for employees to promote a security-conscious culture within the company.
• Excellent verbal and written communication skills to convey complex technical information to non-technical stakeholders.
• Ability to create and present reports on the company's security posture and recommendations to senior management.

Bonus: 15%