Cybersecurity Compliance Analyst – APAC

This is a fully remote position, open to applicants in Philippines.

📋 Description

• Support vCISOs in implementing various components and projects, including risk assessments, as part of a security program.

• Collaborate directly with clients to comprehend their operations and customize security policies and procedures that align with their organization.

• Act as the subject matter expert for Kobalt’s security education platform.

• Regularly design and conduct phishing tests for clients.

• Provide assistance with compliance audit readiness as needed.

• Provision, implement, and oversee Vanta or a similar GRC platform for clients.

• Develop new tools and techniques to streamline labor-intensive tasks into processes that can be completed in significantly less time.

• Document best practice procedures for commonly utilized technologies to standardize deployment.

• Identify system misconfigurations, provide recommendations for clients, and assist as necessary.

• Collaborate with team members to enhance improvements, discover new insights, and produce innovative and insightful security use-cases.

• Collect regular metrics that highlight key activities, measurable achievements, and any obstacles encountered.

• Contribute to the design and development of Kobalt’s service offerings through constructive feedback and a positive attitude as a member of the security delivery team.

• Help enhance our top-tier security services by creating knowledge-base articles and service documentation.

• Engage with customers through our ticket system, chat, email, phone, or other communication channels as required.

⛳️ Requirements

• 2-3 years of experience in Security Technologies, Information Security, Business Resilience, Technology Risk, or related areas.

• Experience dealing with external-facing clients.

• Ability to work independently and collaboratively with teams to identify and address challenges and navigate roadblocks.

• Effective communication skills, both verbal and written, with clients and internal teams.

• Knowledge of cybersecurity domains, including Security Operations (both on-premise and cloud), Security Engineering, and Information Risk Management.

• Capability to articulate secure best practices across various aspects of information risk management concerning people, processes, and technology.

• Proficient in report writing with a focus on spelling, grammar, word usage, and the ability to summarize responses addressing the Who, What, Where, When, How, and, if possible, Why.

• Strong communication abilities: adept at summarizing information, detecting commonalities, and synthesizing a group of facts into contextual information that can validate or refute a hypothesis.

• Quick learner with the ability to adapt security best practices to a wide array of technologies utilized by clients.

• Nice to have: Intermediate coding or scripting skills to assist in automating processes and scaling implementation efforts.

• Familiarity with technical system access controls, their application, and the benefits derived from them.

• Capacity to provide on-the-job training and knowledge sharing to fellow team members.

• Strong sense of integrity and alignment with the organization's mission.

• Strong intuition and the ability to think innovatively.

• Attention to detail while maintaining a broader perspective.

🏝️ Benefits

• Competitive salary and benefits package.

• Exposure to diverse client environments.

• Opportunities for professional development.

• Fun and inclusive company culture.