Information Security Analyst

Information Security Analyst - Global Risk, Compliance & BCPLocation: Taguig CityWork set up: HybridSalary: PHP 70,000-75,000Work schedule: Mid shiftHeadcount: 1Qualifications:• Bachelor’s in engineering/science, Computer Science, Cybersecurity, or related field (Master’s preferred).• Certifications such as ISO27001, CISA, CISSP, CISSP, or BCP/DR-related certifications (e.g., CBCP, ISO 22301 Lead Implementer) are a plus.• 5–7 years in Information Security, Risk, or Compliance functions• Familiarity with BCP/DR planning, testing, and integration into risk management and audit functions.• Exposure to cybersecurity concepts, SIEM, firewalls, and vulnerability management tools, with the ability to work alongside SOC/technical teams.• Understanding of information security principles, GRC frameworks (ISO 27001, NIST, CIS, PCI-DSS), and risk assessment methodologies• Awareness of cloud security principles, regulatory requirements, and emerging technologies like AI in compliance and resilience contexts.•Strong communication, analytical problem-solving, and ability to translate security and risk concepts for diverse business stakeholders.• Reject applicants with frequent job switching or serial job-hoppers• Must not currently or formerly be employed with CGI• No active recent application with CGI• Should be amenable to work onsite on a hybrid setup in Taguig• Amenable to mid-shift scheduleJob Description• Support Security Business Partners in delivering governance, risk, and compliance initiatives.• Conduct risk assessments, vulnerability tracking, and remediation follow-ups.• Coordinate security audits (internal and external), ensuring evidence collection and compliance reporting.• Assist in developing, testing, and maintaining Business Continuity Plans (BCP) and Disaster Recovery (DR) exercises to ensure organizational resilience.• Collaborate with technical and business teams during incident response, focusing on process coordination.• Prepare reports, dashboards, and documentation to support compliance, audit readiness, and executive reporting.• Contribute to security awareness and compliance training initiatives across the enterprise.• Align security processes with frameworks such as NIST, ISO 27001, CIS Controls, and relevant regulatory requirements.Perks and benefits• Medical• Miscellaneous allowance• Dental• Provident Fund