SUBSIDIARY ABS-CBN Corporation
POSITION Cybersecurity Architecture and Engineering Lead (Content & InfoSec Division)
WORK LOCATION National Capital Region
WORK ARRANGEMENT TYPE Hybrid
DATE POSTED November 26, 2024

BUSINESS SUMMARY

ABS-CBN is considered one of the country’s leading media and entertainment companies, with service offerings across the different platforms of media, servicing a wide array of customer segments. 
 
As an organization, ABS-CBN affirms its mission of being in the service of the Filipino and all of its stakeholders worldwide. The company is driven to pioneer, innovate and adapt as it continues to provide information, news and entertainment that connects Filipinos with one another and with their community - wherever they may be. ABS-CBN is firmly committed to pursuing excellence. 

Prior to the shutdown of its broadcast operations in 2020, ABS-CBN was the largest television network in the Philippines. As a radio broadcast company, it operated 22 radio stations including anchor radio stations in Mega Manila, DZMM and DWRR, in the AM and FM bands, respectively. 
 
The company delivers television programming outside of the Philippines to over 3 million viewers in North America, the Middle East, Europe, Japan, Australia, Canada, and other countries in Asia, through the internet and the Company’s global distribution platform, TFC, using DTH satellite service, cable television channels, IPTV, mobile applications and video streaming services. Its offerings are further complemented by subsidiaries focused on other multimedia services such as film production, music recording, telecommunications, and magazine and book publishing. 

RESPONSIBILITIES

    The Lead, Cyber Security Architecture and Engineering is responsible for designing, implementing, and managing the organization's cybersecurity architecture and engineering functions. This role ensures that security controls are effectively integrated into the organization's technology infrastructure, aligning with business objectives and regulatory requirements. The role is critical in building a secure and resilient IT environment and plays a key role in the organization's overall cybersecurity strategy.
     
    • Security Architecture Development
      • Design and develop cybersecurity architectures for technology systems, networks, and applications.
      • Ensure that security architecture aligns with business objectives and regulatory requirements.
      • Collaborate with technology and business teams to integrate security controls into new and existing systems.
      • Provide guidance and best practices for secure system design and development.
    • Security Technology Evaluation
      • Evaluate and select security technologies and tools that meet organizational needs.
      • Stay current with emerging security technologies and trends to enhance the organization's security posture.
      • Manage the lifecycle of security technologies, from selection through deployment and decommissioning.
    • Security Technology Standards and Guidelines
      • Develop and enforce technical security standards, guidelines, and procedures.
      • Ensure that security design and implementation comply with relevant industry standards (e.g., NIST, ISO 27001, CIS).
      • Provide guidance and best practices for secure system design and development.
    • Security Engineering and Implementation
      • Lead the implementation of security controls and technologies, including firewalls, encryption, identity and access management, and intrusion detection/prevention systems.
      • Develop and maintain secure configurations for systems and networks.
      • Work closely with the technology infrastructure and application teams to embed security in all engineering processes.
    • Security Testing and Validation
      • Oversee penetration testing, vulnerability assessments, and other security testing activities.
      • Validate the security of IT systems and applications before deployment.
      • Develop and implement procedures for continuous monitoring of security controls
    • Collaboration and Communication
      • Collaborate with cross-functional teams and business units, to ensure security is integrated into all projects.
      • Communicate security architecture and engineering concepts to technical and non-technical stakeholders.
      • Act as a key point of contact for security-related engineering inquiries.
    • Continuous Improvement
      • Continuously improve the security architecture and engineering practices based on lessons learned from incidents, new technologies, and evolving threats.
      • Foster a culture of security innovation and best practices within the engineering teams.
      • Mentor and train junior security engineers and architects.
    • Documentation and Reporting
    • Maintain comprehensive documentation of security architectures, engineering processes, and configurations.
    • Provide regular reports to the InfoSec Lead on the status of security architecture and engineering initiatives.
    • Ensure documentation meets regulatory and compliance requirements.
    • Other Roles and Functions which may be assigned from time to time some of which may include but not limited to:
      • Risk Assessment and Management
      • Incident Response Support
      • Security Control Tools Administration and Maintenance

REQUIREMENTS

    • Bachelor’s degree in Information Security, Computer Science, or related field; InfoSec/Cybersecurity certified preferred.
    • At least 5 years of experience in cybersecurity architecture and engineering.
    • Strong knowledge of security frameworks and standards, including NIST, ISO 27001, and CIS Controls.
    • 2-3 years of experience in Networking, Cloud, Internet Infrastructure and Application Development.
    • 2-3 years of experience with security technologies such as firewalls, IDS/IPS, encryption, and IAM.
    • Strong analytical and problem-solving skills.
    • Excellent communication and collaboration abilities

Preference will be given to candidates who APPLY ONLINE.