About the job Information Security Engineer
Position Title: Information Security Engineer
Business Unit / Function: Group Business Solutions (GBS)
Location: Manilla, PH
Reports To: Information Security Lead
Leadership Capability Level: Individual Contributor
Relationships and Authority
Authority Level: As per Wilson Group Authority Level Policy
Client Group: Wilson Group
Direct Reports: NA
Indirect Reports: NA
Key Relationships
Internal
Information Security, IT Operations,
Enterprise Applications Team, and
Technical Leads and Group Business
Solutions Management teams.
External
Vendors
Job Purpose
Supporting the Information Security Lead in driving the Security Operations function at Wilson Group. This
primarily consists of performing day to day activities supporting Wilson staff with any cyber security related
issues they may have, as well as maintaining the health and improving the performance of our cyber security
detection and prevention technology and processes.
As part of the Information Security team, your role is to also assist the Information Security Lead in promoting a
strong cyber culture; managing cyber risk; and improving the overall cyber resilience of Wilson Group.
Key Accountabilities
Comply with all company policies, standards and procedures, legal and statutory requirements.
Support the Information Security Lead as directed, by:
Responding, investigating and remediating security incidents using the Wilson Group's security tools
and processes;
Managing the Information Security team's ITSM queue, including responding to incidents and
requests for support;
Performing routine checks of Wilson's security systems to identify potential incidents;
Providing reporting on security control on key Information Security operations metrics;
Responsibility for the scanning and reporting of vulnerabilities across the Wilson network;
Working with cross functional teams to recommend treatment plans and ensure Group IT maintain
compliance with its vulnerability management policies;
Ensuring all Wilson Group's security systems are maintained, supported and vendor service
agreements are in place and current;
Writing Requests for Change and engaging with other teams to obtain the necessary support to
deliver Information Security team outcomes;
Assisting with periodic information security assessments of key systems and environments;
Maintaining up-to-date documentation and diagrams of Wilson Group's security systems;
Assisting with the on-going maintenance of Wilson Group's PCI DSS compliance;
Providing cover for other members of the team when requested; and
Always adhere to and role model the Company values & policies
Position Description
Information Security Engineer
Page 2 of 4
Reviewed December 2020
Take reasonable care of the health and safety of yourself and others, and report hazards and
incidents
Participate in annual PDR process and work to achieve objectives
Comply with Company policies and procedures and legislative requirements
Complete any other reasonable directives as given by your Manager
Competencies
BUSINESS FOCUS UNDERSTANDS THE BUSINESS
Strategic mindset Seeks to understand overall themes, trends and goals that may affect the team
Identifies business opportunities or possibilities by thinking broadly about the business
Displays financial
acumen
Draws accurate conclusions regarding financial data relevant to role
MAKES COMPLEX DECISIONS
Manages complexity
Examines problems and seeks the advice and perspective of others before taking
decisive action
Recognises symptoms that may indicate larger issues
Ensures decision
quality
Remains decisive on everyday issues and problems
Considers the potential impacts of different decisions and actions on the wider team
CUSTOMER FOCUS UNDERSTANDS THE CUSTOMER
Identifies customer
opportunities
Shares customer insights with the team
Seeks up-to-date information on trends that may impact on customer opportunities
Gains customer
insights
Uses mechanisms available for capturing customer insights and data analytics
PROVIDES SUPERIOR CUSTOMER SERVICE
Improves customer
experience
Uses metrics that monitor individual performance against customer service
expectations
Adopts best practice to deliver quality customer service
Customer centric Delivers an exceptional customer experience
Acts with the customer in mind
PEOPLE FOCUS BUILDS RELATIONSHIPS
Develops relationships
Relates well to all kinds of people – up, down, sideways
Builds strong relationships within the team
Consistently relates to others in an open and respectful manner
Communicates
effectively
Demonstrates strong active listening skills
Supports ideas and opinions put forward by others
Manages conflict Remains respectful in tense situations
Remains cool, calm and composed when faced with difficult situations
Organisationally savvy Understands how teams work together
BUILDS TEAMWORK AND COLLABORATION
Promotes teamwork
and collaboration
Contributes to establishing common goals within the team
Shares information and expertise with others
Explores the needs of others and can modify approach to gain a win-win outcome
Inspires others to
perform
Presents ideas with enthusiasm and conviction so that others are inspired to perform
RESULTS FOCUS TAKES THE INITIATIVE
Action orientated Displays a strong sense of urgency, drive and determination to achieve outcomes for
the team
Resourceful
Seeks additional resources to complete tasks when needed
Seeks learning and development opportunities in line with personal and organisation
needs
MANAGES EXECUTION
Plans and aligns Focus efforts on priority tasks and activities
Contributes to work schedules and weekly plans
Position Description
Information Security Engineer
Page 3 of 4
Reviewed December 2020
Amends plans as required
Operational excellence Seeks ways to improve processes and systems
FOCUSES ON PERFORMANCE
Drives results
Pushes self to deliver results and high standards of performance
Completes tasks to a high standard
Shows strong commitment to achieving results
Ensures accountability Takes responsibility for meeting commitments in terms of time, quality and cost
CHANGE FOCUS CULTIVATES INNOVATION
'Out of the box'
thinking
Thinks outside the box and offers new ideas that challenge the status quo
Remains curious, is open to new ways of doing things
Drives innovation Adapts approach and learns from experience
Supports ideas put forward by team members
LEADS CHANGE
Manages ambiguity Handles uncertainty or the unknown confidently
Remains resilient Remains positive and performs effectively in changing situations
Drives change Publicly supports change
Shares ideas and seeks common ground regarding change
Values
Integrity We do what we say we will do and deliver on our promises
Leadership The wellbeing of our people, our customers and our community guide our decisions
Customer Build trusted relationships with internal and external customers
Innovation We support new ways of thinking and working
Qualifications and Experience
Essential Knowledge, Skills and Experience
3+ years' experience working in a Security Operations role within a medium to large organisation;
Proven hands-on technical security experience with Endpoint Protection, Email Security Gateways,
SIEM, Web proxies, Privileged Identity & access management, DLP, Vulnerability Management.
Experience in scripting and automating manual workflows, intelligence gathering and threat hunting to
identify potential system & network compromises;
Experience of incident response and handling end-to-end investigations of network & endpoint
compromises;
Experience of working with vendor support and troubleshooting complex issues to resolution;
Experience of collating data to produce operational reporting for management.
Proven history of working in a position of trust;
Excellent communication skills, both written and verbal, to convey information effectively and
professionally to users, management, and technical staff.
Ability to work under minimal supervision.
Good attention to detail and problem solving.
Desirable
Active certifications and credentials in information systems or cyber security operations and
management.
University degree or diploma in information technology, computer science and/or related discipline.
Knowledge and experience in the following areas
o Securing cloud environments (Azure & AWS);
o System hardening;
o Web application firewalls
o Frameworks such as NIST & MITRE ATT&CK
o Network Security
o ITIL framework.