Information Security Officer

An exciting opportunity has opened for an Information Security Officer at a growing fintech company in Pasig.

The Information Security Officer will serve as the bridge between legal/compliance and technology functions to ensure the company meets regulatory, security, and operational requirements. This role combines policy creation and governance with technical oversight, ensuring that security measures, standards, and audits are properly implemented, monitored, and validated across cloud and application environments.

What you'll do:

• Partner with company lawyers and compliance officers in creating, reviewing, and maintaining information security policies aligned with legal, regulatory, and industry standards (e.g., Data Privacy Act, ISO 27001).

• Translate policies into technical controls and processes across cloud infrastructure, applications, and systems.

• Oversee and validate penetration testing and vulnerability assessments (conducted internally or via third-party vendors); ensure findings are addressed and remediated.

• Coordinate and support security audits and certifications (ISO, regulatory audits, internal compliance reviews).

• Implement and monitor cybersecurity systems and tools (firewalls, SIEM, IDS/IPS, endpoint protection, etc.) to strengthen defenses.

• Continuously review and validate the effectiveness of existing security systems, controls, and processes.

• Act as subject matter expert (SME) for security compliance requirements, ensuring that business initiatives align with security best practices.

• Provide regular reports on the organization’s security posture to leadership and stakeholders.

What you bring:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.

• Proven experience (3–5+ years) in information security, cybersecurity governance, or IT risk/compliance.

• Solid understanding of cloud security (AWS, Azure, GCP) and application security principles.

• Working knowledge of VAPT tools and methodologies (not necessarily hands-on, but enough to validate vendor/third-party results).

• Familiarity with ISO 27001, NIST, PCI-DSS, or similar standards.

• Experience supporting or managing security audits and compliance reviews.

• Strong communication skills, with the ability to work effectively with both technical teams and legal/compliance stakeholders.

• Security certifications (e.g., ISO 27001 Lead Implementer/Auditor, CISSP, CISM, CEH) are a plus.

What sets this company apart:

• Opportunity to build and shape the company’s security governance framework in a fast-growing fintech environment.

• Exposure to both policy/regulatory and technical security domains.

• Collaborative environment working with cross-functional teams (Legal, Compliance, Engineering, IT).

What's next:

Should you wish to embrace a rewarding challenge wherein your expertise shapes the future of information security within a flourishing fintech environment—this is your distinguished opportunity.

Kindly submit your application today by clicking on the link provided—your next professional chapter awaits.

Due to the high volume of applications we are experiencing, our team will only be in touch with you if your application is shortlisted.