Cyber Security Vulnerability Assessment and Penetration Testing Head
SM Investments • Manila, Metro Manila, Philippines
Role & seniority: Cyber Security Vulnerability Assessment and Penetration Testing Head; Mid-Senior level, Full-time
Stack/tools: Vulnerability assessment (VA) tools, threat intelligence feeds, automation initiatives, policy/configuration management, WAF, Snyk, firewall rule reviews, password audits
Top 3 responsibilities
-
Lead vulnerability management across infrastructure and applications; analyze scans and coordinate remediation
-
Drive automation of security processes and feasibility studies for new security measures
-
Monitor threats and perform risk assessments for new apps/architectures; oversee periodic security operations and remediation coordination
Must-have skills
-
Bachelor’s in CS/InfoSec or related field; 5+ years relevant experience
-
Strong knowledge of security fundamentals, vulnerability management, and risk analysis
-
Familiarity with VA tools, threat intelligence, automation; excellent communication, analytical, and problem-solving skills
Nice-to-haves
-
Development experience
-
Security certifications (CISSP, CISM, CEH)
-
Location & work type: Pasay City, Philippines; On-site; Full-time
-
Industry context: IT security role supporting a large conglomerate with financial services footprint; focus on securing digital ecosystems across retail, banking, and property areas
Full Description
Cyber Security Vulnerability Assessment and Penetration Testing Head SM Investments | Pasay City | On-site
At SM Investments, we shape sustainable growth stories that uplift industries and communities. Join one of the Philippines’ leading conglomerates and help safeguard a dynamic ecosystem of retail, banking, and property businesses.
About the Role We’re looking for a highly motivated Cyber Security Vulnerability Specialist who will lead vulnerability management and remediation efforts across our organization. You will drive assessments, automation, threat monitoring, and risk analysis to ensure a secure and compliant environment.
What You’ll Do
Vulnerability & Compliance Management Lead daily infrastructure and application vulnerability scanning and onboarding Analyze scan results, prepare reports, and coordinate timely remediation Conduct policy compliance scans and maintain updated security records Automation & Feasibility Identify opportunities to automate security processes Develop and improve automation initiatives Perform feasibility studies for new security measures Threat Monitoring & Risk Assessment Track daily threat intel, bulletins, and industry trends Handle risk assessments for new apps, architectures, and exemption requests (WAF, Snyk, whitelisting, etc.) Provide recommendations to mitigate identified risks Periodic Security Operations Manage policy configuration, onboarding, firewall rule reviews, and password audits Coordinate remediation activities across teams What We’re Looking For Bachelor’s degree in Computer Science, Information Security, or related field At least 5 years of relevant experience Strong understanding of security principles, vulnerability management, and risk analysis Familiarity with VA tools, threat intelligence, and automation Excellent communication, analytical, and problem-solving skills Development experience is an advantage Security certifications (CISSP, CISM, CEH) are a plus
Why Join Us? Be part of a team that protects the digital backbone of one of the country’s largest and most influential conglomerates. If you’re passionate about security, continuous improvement, and high-impact work — we’d love to meet you.
Apply now and help secure SM’s digital future.
Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Mga Pinansyal na Serbisyo
