Share this job
Apply now »







Title:  Information Security Manager

Job ID:  69460
Country:  Philippines
City:  Taguig City
Professional area:  Information Technology
Contract type:  Permanent
Professional level:  Experienced

Taguig City, 00, PH, 1630


We’re JTI, Japan Tobacco International, and we believe in freedom

We think that the possibilities are limitless when you’re free to choose. We’ve spent the last 20 years innovating and creating new and better products for our consumers to choose from. It’s how we’ve grown to be present in 130 countries, and how we’ve grown from 40 to 4,000+ employees in the Philippines since 2009.


But our business isn’t just business, our business is our people. Their talent. Their potential. We believe that when they’re free to be themselves, to grow, travel and develop, amazing things can happen for our business. That’s why our employees, from around the world, choose to be a part of JTI. It’s why 9 out of 10 would recommend us to a friend, and why we’ve been recognized as INVESTORS IN PEOPLE in the Philippines


It’s the perfect moment for you to #JoinTheIdea. We’re opening our Global Business Service center in the heart of BGC Manila and looking for more than 300 bright minds to join a global multinational with an exciting start-up vibe.




The Information Security Manager exists to ensure that information security risks are effectively identified and mitigated throughout the organisation. Working closely with all members of the Information Security Program and Integration to manage Risk, Controls, Compliance, Awareness and Data Protection/Privacy as well participation in major security projects. The role is composed of a variety of activities including, tactical, operation and strategic activities in support of the Information Security program. The role will form a close communication connection between business locations, functions and Information Security - ensuring effective integration.


The purpose of the role is composed of a variety of activities:

  • Facilitate information security governance through the implementation of the information security governance program
  • Ensure IT P&P are understood and a high level of compliance is achieved
  • Support the understanding of all relevent regulatory compliance requirement 
  • Review and manage the cyber intelligence reports 
  • Support and drive end user information security awareness
  • Facilitate the implementation and adoption of major information security projects
  • Support business continuity planning ensuring plans are maintained and tested 
  • Rehearse the Cyber Crisis reponse action plan
  • Support digital investigations for Corporate Compliance and Legal Departments
  • Contribute to Information Security reporting in an accurate and timely manner



1) Business Services 

  • Become the efficient link between Information security and JTI organization (Regional markets, factories, leaf origins, global Business and IT functions, GBS, etc.)
  • Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required.
  • Foster a collaborative and agile approach to maintaining the confidentiality, integrity and availability for JTI information to drive our 2030 vision

2) Risk, Control and Compliance

  • Support the development  and maintenance of information security policies and accompanying standards, procedures and guidance.
  • Support information security risk assessments as well identification of mitigating controls.
  • Support development and delivery of planned compliance reviews and ensure any gaps are addressed

3) Cyber Resilience plan, respond and recover

  • Support cyber resilience management system through facilitating of business impact analysis at M/F/LO/HQ/GBS entities, its rollout to JTI/JT entities, consolidation of results and support in building of necessary reporting. 
  • Support cyber crisis manager (IT Business continuity lead) in creation and rehearsal of cyber playbooks and crisis management plans. 
  • Support entities in their business continuity planning and maintenance efforts. 
  • Support IT Disaster recovery process by assisting in DR awareness programs, promoting tools, procedures and guides to IT Teams, coordinating with regions’ IT the annual DR test planning and execution process.

4) Program & Project Delivery

  • Drive the success of Information Security projects and programs across functional and geographical area by building change networks and managing change agents in line with project plans, timelines and budget.
  • Identify risks and issues to support the project manager in successful mitigations to ensure the success of the project.

5) Global Reporting

  • Provide metrics/key performance data to support the central reporting of our overall security posture.

6) Digital Investigations

  • Working with support from the information Security Data Privacy function and inline with strict procedural requirements, you will support and compliment specific digital investigations in support of Legal or regulatory/compliance investigations, Corporate Security and relevant corporate function when required.

7) Data Privacy & Protection & Security

  • Ensure digital solutions meet JTI requirements through effective training and awareness of internal and external partners, minimizing shadow IT and increasing regulatory compliance.
  • Ensuring measurement and evaluation on user adoption for global data protection measures. And that any new requirements for such measures are met through collaboration with Information Security Data privacy function and relevant business units and locations.



  • University Degree or suitable experience. 
  • Certified Information Systems Security Professional (CISSP) (or equivalent relevant experience) 
  • Expertise in 27001/2 and evolving security standards and regulations.
  • Experienced IT Manager, with highly developed communication ability
  • Determined, driven and resilient; able to make a real difference in a fast paced organisation. 
  • Fluent English written & spoken.



  • Be covered with medical insurance upon hiring, with dependent coverage and medicine allowance
  • Receive cash allowances such as meal and transport allowance
  • Flexible working arrangements
  • Have access to over 200 company training
  • Be part of a truly international and diverse company with over 40,000 employees in 130 countries.
  • Experience the culture of an Investors in People certified company
  • Find out why 9 out of 10 employees recommend us to a friend.
  • Understand why 9 out of 10 employees say they feel free to be themselves.


Job Segment: Information Security, Cyber Security, Compliance, Corporate Security, Risk Management, Technology, Security, Legal, Finance

Apply now »