The IT Security Department is responsible for protecting the bank against all manner of cyber threats. Effective Vulnerability Management is essential to the success of this mission. As a Vulnerability Management Security Analyst, you will be responsible for detecting, assessing and contextualizing various security vulnerabilities and configuration gaps so that corrective actions can be prioritized and implemented accordingly. IT and business unit leaders will look to your analysis to properly allocate resources for the needed remedial actions.

Role Responsibilities:

• Evaluate, implement and run relevant security products and solutions to enhance bank’s ability to detect and assess vulnerabilities in its applications and infrastructure
• Coordinate periodic corrective and preventive maintenance of security systems
• Conduct vulnerability assessment for IT systems
• Analyze and contextualize security findings, corresponding risks and remediation steps
• Socialize security findings to corresponding application / system owners
• Monitor and report security findings using BDO’s service management / reporting tool
• Provide guidance to IT engineers to resolve address detected system vulnerabilities
• Perform root-cause analysis as needed, and take necessary steps to prevent recurrence

Competencies:

• Technical Skills: Skilled in Systems Delivery and Maintenance, Vulnerability Assessment and Penetration Testing, Tools Engineering, System Administration and Maintenance, Risk Management, Audit and Compliance, and Vendor Management
• Communication Skills: Excellent communication and interpersonal skills, with the ability to effectively communicate complex concepts to diverse audiences and build consensus
• Analytical Skills: Problem-solving capabilities, strong analytical skills, and flexibility to be able to handle complex situations as necessary
• Ability to work independently and collaborate with teams in completing tasks and initiatives

Qualifications:

• Preferred to have a Bachelor’s Degree in Computer Engineering, Computer Science, Electronic and Communication Engineering, or similar
• Minimum 3 years of relevant IT experience – Vulnerability Management
• Experience as an IT security professional in a financial institution is a plus
• CISP and/or CISM certification is a plus, but not required
• Candidate must be willing to work in Makati.