Cybersecurity Governance, Risk, and Threat Analyst

Cebu City, Cebu
Permanent
Full-time

6 days ago
Apply easily

Protect. Prevent. Empower. Be a Cybersecurity Governance, Risk, and Threat Analyst at Smartsourcing and keep businesses safe, compliant, and resilient.Hi! We're Smartsourcing and we're on the lookout for a full-time and onsite Cybersecurity Analyst. Here, we exist to protect what matters most—people, data, and trust. This role strengthens that mission by combining governance, risk management, and threat intelligence to keep businesses resilient.Where? 📍JEG Tower, Archbishop Reyes, Corner Acacia St., Barangay Kamputhaw, Cebu City, 6000 CebuAbout the RoleThe Cybersecurity Advocate, Risk & Threat Analyst strengthens the organization’s security culture by combining awareness training, threat analysis, and compliance oversight. This role leads purple-team exercises, manages incidents, and drives security-first behavior to reduce risk and ensure regulatory alignment.Key ResponsibilitiesMaintenance of Governance Framework

Develop, update, and assist in the enforcement cybersecurity policies, standards, and guidelines aligned with business objectives and regulatory frameworks.
Management of cybersecurity process workflows.

Cybersecurity Awareness & Training

Coordinate and deliver internal communication on cybersecurity awareness, updates, critical alerts and cybersecurity posture.
Lead cybersecurity awareness training across departments, ensuring higher participation rates.
Facilitate phishing simulations and training feedback loops.
Ensure communication plans are tested and aligned with organizational policies.
Ensure communication plans and cybersecurity training programs are tested and aligned with organizational policies and compliance requirements.

Threat and Risk Management

Advise internal stakeholders on emerging risks and proactive mitigation strategies.
Track and manage incidents ensuring incidents have updated documentation and reporting.
Maintain compliance rates for Keeper usage, breach watch alerts and engagement across teams.
Provide policy enforcement and support to all Departments
Champion secure behavior, working closely with functional team leads to embed controls in day-to-day operations.
Supports risk identification, assessment, and mitigation tracking.
Perform and assist internal departments in business assessments to analyse risks and opportunities through appropriate tools.

Compliance, Audit & Reporting

Champion compliance efforts across the business
Lead compliance checks and audit preparation aligned with ISO 27001 and other regulatory standards.
Produce structured reports for audits, team metrics, training KPIs, and incident summaries.
Support documentation updates related to ISMS and audit tracking.

RequirementsKNOWLEDGE & EXPERIENCE:

Knowledge of threat detection and purple teaming concepts
Experience in coordinating or delivering cybersecurity awareness training
Familiarity with password management and security alert systems (e.g. Keeper)
Working knowledge of ISO 27001 and regulatory frameworks
Knowledge of incident management and SLA-based resolution practices
Strong report-writing and KPI tracking experience
Strong technical communication skills
Solid understanding of the NIST Cybersecurity Framework
Solid knowledge of threat intelligence and frameworks such as MITRE ATT&CK

SKILLS:

Effective communicator, with strong written and verbal presentation skills
Ability to lead cross-departmental training programs
Strong understanding of threat remediation tools and techniques
Organized, with strong attention to documentation and audit-readiness
Comfortable leading purple-team simulations and collaboration
Capable of interpreting metrics and adapting strategy based on findings
Able to interact with stakeholders in cross-functional teams.
Good team player interested in sharing knowledge and cross-training other team members and shows interest in learning new technologies and products.
Ability to create documents of quality.

BenefitsStep Into the Smartsourcing Experience 😄Smartsourcing was created with one mission: to change lives. We’re here to ensure that businesses flourish and, just as importantly, that every member of the crew is inspired, supported, and set up to thrive. For the fourth year running, we’ve been recognized as one of HR Asia’s Best Companies to Work For. This award isn’t just a title—it’s a testament to our commitment to making Smartsourcing an incredible place to build a career.Why You’ll Love Working HereAt Smartsourcing, we believe the best work comes from people who feel seen, heard, and valued. That’s why we’re all about fostering an environment where you can be your true self. We take pride in being certified as a Great Place to Work, because we know that when you love where you work, extraordinary things happen. Here’s just a glimpse of what we offer:

😊 Weekends are yours (we respect your time off)
🎄 5-day Christmas Leave (unwrap real time off)
👩‍⚕️ Healthcare from Day 1 for you and your family (because healthcare matters)
☕ Free lunch and barista-crafted coffee daily (we take our caffeine seriously)
💰 Night shift differential for evening schedules
🏋️ Subsidized gym membership and sports wellness clubs including hiking and free-diving
🙌 Smartsourcing Exclusives (deals made just for you)
🥳 Themed BFFs, monthly knockoffs, summer parties
🧘🏼‍♂️ Community give-back programs and personal development workshops

And so much more!

We're not just another outsourcing company. We’re building something that actually matters here – a place where good work meets good culture.🔐 Secure your future while securing others. Apply now at Smartsourcing.

Smartsourcing