Information Technology Security Engineer

THE COMPANY Singlife’s purpose is to democratize access to meaningful financial protection. Our unique business model uses the smartest technologies to put you in control of your finances, by providing tools and solutions that fit your needs, your budget, and are always on hand. A start-up in a longstanding industry, the company has showed how combining new technologies with life insurance makes it possible for people to manage their finances more effectively and efficiently. Singlife is growing at an exceptional rate driven by a growing portfolio of partnerships with platforms like GCash, where we make our meaningful insurance propositions more accessible to the wider market.Job OverviewThe IT Security Engineer supports the implementation and maintenance of the organization’s ITsecurity infrastructure. This role contributes to protecting systems and data from unauthorizedaccess, threats, and vulnerabilities. The engineer works under the guidance of senior teammembers and collaborates with other IT professionals to help ensure that security measures areincorporated into development and operational processes.Key Responsibilities:Security Infrastructure Support• Assist in the setup and basic configuration of security tools such as firewalls,intrusion detection systems, and encryption technologies.• Support the evaluation of security products by gathering information and helpingwith testing under supervision.• Help ensure that implemented security measures align with company policies andcompliance requirements.Monitoring and Incident Response• Monitor alerts from security systems and report unusual activities to senior teammembers.• Participate in initial investigations of security incidents and assist in documentingfindings.• Support post-incident reviews and help implement basic corrective actions.Policy and Compliance Assistance• Help enforce security policies and procedures across teams.• Assist in maintaining documentation for compliance with standards like ISO 27001,GDPR, or NIST.• Participate in internal audits by preparing reports and collecting evidence asneeded.Risk Awareness and Mitigation• Contribute to risk assessments by collecting data and helping identify potentialvulnerabilities.• Support the implementation of basic risk mitigation strategies under guidance.• Stay informed about common security threats and share updates with the team.Team Collaboration and Learning• Work closely with IT and development teams to understand how security fits intodaily operations.• Provide basic security support to other departments and escalate complex issues.• Help organize and deliver security awareness sessions and materials to employees.Incident Management Support• Assist in maintaining and updating incident response documentation.• Participate in mock drills and real incident response efforts under supervision.• Help document incidents and lessons learned for future reference.Process Automation Support• Assist in identifying manual and repetitive tasks within security operations (e.g., logreviews, alert triaging, access reviews) and infrastructure management (e.g.,patching, system health checks).• Support the development and deployment of automation scripts or tools tostreamline these tasks using basic scripting languages or automation platforms.• Collaborate with senior engineers to integrate automation into existing workflows,ensuring minimal disruption and improved efficiency.• Help document automated processes and provide support during testing androllout phases.Qualifications:• Bachelor’s Degree in Information Technology or Computer Science, or a related field.• 2 to 5 years of experience in IT security engineering or a related role.• Strong knowledge of security technologies and practices, including firewalls, SIEM,IDS/IPS, and endpoint protection.• Experience with security frameworks and standards (e.g., ISO 27001, NIST, CIS).• Excellent analytical, problem-solving, and communication skills.• Ability to work in a fast-paced environment and handle multiple tasks simultaneously.Preferred Qualifications:• Professional certifications such asISC(2) CC, GuideM EHVAPT or CDTH,CEH or CompTIA Security+• Experience with cloud security (e.g., AWS, Azure, Google Cloud).• Familiarity with DevSecOps practices and tools.• Knowledge of penetration testing and vulnerability management.