Apply now »







Title:  Information Security Manager

Job ID:  88432
Country:  Philippines
City:  Taguig
Professional area:  Information Technology
Contract type:  Permanent
Professional level:  Experienced

Taguig, 00, PH, 1634

We’re JTI, Japan Tobacco International, and we believe in freedom

We think that the possibilities are limitless when you’re free to choose. We’ve spent the last 20 years innovating and creating new and better products for our consumers to choose from. It’s how we’ve grown to be present in 130 countries, and how we’ve grown from 40 to 4,000+ employees in the Philippines since 2009.


But our business isn’t just business, our business is our people. Their talent. Their potential. We believe that when they’re free to be themselves, to grow, travel and develop, amazing things can happen for our business. That’s why our employees, from around the world, choose to be a part of JTI. It’s why 9 out of 10 would recommend us to a friend, and why we’ve been recognized as INVESTORS IN PEOPLE in the Philippines


It’s the perfect moment for you to #JoinTheIdea. We’re opening our Global Business Service center in the heart of BGC Manila and looking for more than 300 bright minds to join a global multinational with an exciting start-up vibe.



This position will remain open until filled.



Information Security Manager


The role exists to ensure that information security risks are effectively identified and mitigated throughout the organisation. Working closely with all members of the Information Security Program and Integration and beyond to manage Risk, Controls, Compliance, Awareness and Data Protection as well participation in major security projects. The role is composed of a variety of activities including, tactical, operation and strategic activities in support of the Information Security program. The role will form a close communication connection between business locations, functions and Information Security - ensuring effective integration.


1. Business Relationship Management 
Become the efficient link between Information security and JTI organization (Regional markets, factories, leaf origins, global Business and IT functions, GBS, etc.) Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required. Collaborative and agile approach to maintaining the confidentiality, integrity and availability for JTI information to drive our 2030 vision.


2. Governance, Risk Management and Compliance
Support the development  and maintenance of information security policies and accompanying standards, procedures and guidance.

Support information security risk assessments as well identification of mitigating controls. Support development and delivery of planned compliance reviews and ensure any gaps are addressed.


3. Cyber Resilience plan, respond and recover
Support cyber resilience management system through facilitating of business impact analysis at M/F/LO/HQ/GBS entities, its rollout to JTI/JT entities, consolidation of results and support in building of necessary reporting. 
Support cyber crisis manager (IT Business continuity lead) in creation and rehearsal of cyber playbooks and crisis management plans. 
Support entities in their business continuity planning and maintenance efforts. 
Support IT Disaster recovery process by assisting in DR awareness programs, promoting tools, procedures and guides to IT Teams, coordinating with regions’ IT the annual DR test planning and execution process.


4. Cyber Culture Awareness
Educate stakeholders to increase awareness and improve risk culture Empowering our employees to undertsand cyber risk, know what to look out for and know what to do in the event of an incident are important factors in managing their lives at home and at work in a digital world. Support the security awareness program to ensure employees are equipped with the necessary knowledge and training to better protect and defend themselves and ultimately JTI against cyber crime through the i-secure program. 


5. Program & Project Delivery
Drive the success of Information Security projects and programs across functional and geographical area by building change networks and managing change agents in line with project plans, timelines and budget. Identifying risks and issues to support the project manager in successful mitigations to ensure the success of the project.


Who are we looking for?

  • University degree in Computer Engineering, Information Systems, or related field or relevant experience

  • 7+ Years of experience in information security or related fields

  • Experience with governance, risk management and compliance

  • Experience in security audits and assessments

  • Experience with security policies and procedures 

  • Technical knowledge of IT and Cybersecurity will be a plus.

  • Familiarity of IT systems, cloud technologies, Data and infrastructure -  a plus 

  • Competent presenter and engaging group trainer - passionate about empowering others with easy to comprehend knowledge.

  • Familiarity with good practices in IT Service & application management a plus

  • An effective change agent, able to listen, understand impact, communicate, adapt and deliver. 

  • Excellent written and verbal communication skills. Ability to convert technical into simple business language.

  • Strong analytical and critical thinking skills

  • Ability to work both independently and collaboratively as part of a strong team.

  • Able to manage a diverse workload and prioritize effectively.

  • Strong Project Management Skills

  • CISM, CISSP or similar ( or equivalent relevant experience)



What are the next steps?

Thank you for applying!

We will make sure every candidate receives a reply within 2 weeks after the application deadline. 


Job Segment: Information Security, Cyber Security, Information Technology, IT Manager, Risk Management, Technology, Security, Finance

Apply now »