Information Security process analystWonders Corporation
Workplace: NegrosOriental
Salary: Agreement
Work form: Full time
Posting Date: 07/11/2025
Deadline: 08/08/2022
Job Description:
Key Responsibilities:
Responsible for the revision and/or creation of ISO 27001/ ISMS documentations.
Develops presentation materials on policy implementations; documents agreements and concerns related to the presentations made to concerned parties.
Ensures that all Business processes are documented in the same format/structure, presented in an easily digestible format, and are readily available to all users.
Reviews current documentation and best practices.
Perform and create ISMS Management Reviews
Highlight gaps and agree on next steps/timings to document all ISMS Business Processes.
Pilot/Road Test documentation with end-users to ensure information is fit for purpose.
Supports new process/changes with 'as is' and 'to be' documentation.
Reviews and advice on resources requirements necessary.
Other Key Responsibilities:
Details out workflow and establishes and embeds necessary controls based on ISO 27001:2013 / 27002
Provides relevant information/data for identified process deviations and incidents as a means to aid the Information Security Lead in formulating appropriate and specific action plans that will address such deviations.
Develops presentation materials on policy implementations; documents agreements and concerns related to the presentations made to concerned parties.
Monitors test run/pilot of new or modified policies, processes, and procedures, addresses concerns of process owners that affect the company's information security practice.
Conducts risk assessment of the assigned department to identify the root cause of the problem and recommend an action plan.
Conducts audit testing of specified area and identity reportable issues and dimension of risk.
Determines compliance with ISMS policies and procedures.
Thoroughly examines financial records, information storage systems and internal controls to ensure there are no indications of mismanagement, unnecessary waste of resources or fraud.
Timely prepares ISMS Annual ISMS Audit Plan.
Recommends changes to policies and/or procedures to increase efficiency of operations and control over company assets.
Ensures timely implementation of all agreed upon recommendations.
Designs and implements cost-effective procedures to ensure that internal controls are effective for reliable and safeguards the company's assets to provide for efficient processes and procedures that achieve regulatory compliance
Guides co-auditors in the assigned tasks and provides the immediate superior of progress reports
Requirements
Who you are
● You enjoy working with a team (in-person or online) and alone as the situation dictates.
● You have a great sense of humor.
● You are passionate, optimistic, and energetic.
● You have an insatiable thirst for knowledge and improvement and the desire to grow in your role and in the company.
● You work for the best interest of the group at all times.
Qualifications:
Bachelor's degree in computer science or Information management
Experience in implementation, Documentation, Internal audit, 3rd party Certification Audit from ground up ISO 27001:2013/ ISMS
Excellent organizational and communication skills (both oral and written)
Experience in risk management , compliance, and information security policy implementation and ISMS internal audits and documentation
Knowledge of laws and regulations including but not limited to RA10173 or the Data privacy Act of 2012, PCI DSS guidelines and implementation.
Experience with development of cybersecurity educational and awareness programs
Knowledge of information security processes and controls including risk and control frameworks
Candidates should have experience in the following:
NIST Frameworks , ITIL v4 best practices is a plus
IT security and control best practices is a plus
Skills and Certifications that are good to have but not required:
Certification in information security
Advance knowledge in OSI framework
ITIL v4 Certified
Wonders Corporation
Key Responsibilities:
Responsible for the revision and/or creation of ISO 27001/ ISMS documentations.
Develops presentation materials on policy implementations; documents agreements and concerns related to the presentations made to concerned parties.
Ensures that all Business processes are documented in the same format/structure, presented in an easily digestible format, and are readily available to all users.
Reviews current documentation and best practices.
Perform and create ISMS Management Reviews
Highlight gaps and agree on next steps/timings to document all ISMS Business Processes.
Pilot/Road Test documentation with end-users to ensure information is fit for purpose.
Supports new process/changes with 'as is' and 'to be' documentation.
Reviews and advice on resources requirements necessary.
Other Key Responsibilities:
Details out workflow and establishes and embeds necessary controls based on ISO 27001:2013 / 27002
Provides relevant information/data for identified process deviations and incidents as a means to aid the Information Security Lead in formulating appropriate and specific action plans that will address such deviations.
Develops presentation materials on policy implementations; documents agreements and concerns related to the presentations made to concerned parties.
Monitors test run/pilot of new or modified policies, processes, and procedures, addresses concerns of process owners that affect the company's information security practice.
Conducts risk assessment of the assigned department to identify the root cause of the problem and recommend an action plan.
Conducts audit testing of specified area and identity reportable issues and dimension of risk.
Determines compliance with ISMS policies and procedures.
Thoroughly examines financial records, information storage systems and internal controls to ensure there are no indications of mismanagement, unnecessary waste of resources or fraud.
Timely prepares ISMS Annual ISMS Audit Plan.
Recommends changes to policies and/or procedures to increase efficiency of operations and control over company assets.
Ensures timely implementation of all agreed upon recommendations.
Designs and implements cost-effective procedures to ensure that internal controls are effective for reliable and safeguards the company's assets to provide for efficient processes and procedures that achieve regulatory compliance
Guides co-auditors in the assigned tasks and provides the immediate superior of progress reports
Requirements
Who you are
● You enjoy working with a team (in-person or online) and alone as the situation dictates.
● You have a great sense of humor.
● You are passionate, optimistic, and energetic.
● You have an insatiable thirst for knowledge and improvement and the desire to grow in your role and in the company.
● You work for the best interest of the group at all times.
Qualifications:
Bachelor's degree in computer science or Information management
Experience in implementation, Documentation, Internal audit, 3rd party Certification Audit from ground up ISO 27001:2013/ ISMS
Excellent organizational and communication skills (both oral and written)
Experience in risk management , compliance, and information security policy implementation and ISMS internal audits and documentation
Knowledge of laws and regulations including but not limited to RA10173 or the Data privacy Act of 2012, PCI DSS guidelines and implementation.
Experience with development of cybersecurity educational and awareness programs
Knowledge of information security processes and controls including risk and control frameworks
Candidates should have experience in the following:
NIST Frameworks , ITIL v4 best practices is a plus
IT security and control best practices is a plus
Skills and Certifications that are good to have but not required:
Certification in information security
Advance knowledge in OSI framework
ITIL v4 Certified
Wonders Corporation
Other Info
Dumaguete City, Negros Oriental
Permanent
Full-time
Permanent
Full-time
Submit profile
Wonders Corporation
About the company
Wonders Corporation jobs
Pasig City, Metro Manila
Position Information Security process analyst recruited by the company Wonders Corporation at NegrosOriental, Joboko automatically collects the salary of , finds more jobs on Information Security Process Analyst or Wonders Corporation company in the links above
About the company
Wonders Corporation jobs
Pasig City, Metro Manila