TEAMS

SPACES

CAREERS

SECURITY ANALYST – PRODUCT & VENDOR

XTN-3E78732

City
N/A, N/A
Schedule
Day Shift
Office Location
KMC site or other business locations as may be instructed by KMC Solutions from time to time
Work Schedule
Day Shift

Make your next big career move by applying as KMC Solutions' next SECURITY ANALYST – PRODUCT & VENDOR

We are seeking a Security Analyst to support the organization’s Third-Party Risk Management (TPRM) program, with a primary focus on application and security architecture reviews of external vendors and SaaS providers.

This role sits at the intersection of security architecture, vendor assessment, and GRC reporting. The analyst will evaluate vendor-provided documentation, analyze cloud-based technology stacks, and produce structured security assessment outputs that feed directly into the GRC team’s formal risk reporting process.

A key part of this role involves working with incomplete or unclear vendor documentation and performing independent research (including OSINT techniques) to accurately understand vendor architectures and security posture.

On top of your salary, here are the exciting benefits you can look forward to:

  • Health Insurance/HMO 
  • Enjoy unlimited MadMax Coffee
  • Diverse learning & growth opportunities
  • Accessible Cloud HR platform (Sprout)
  • Above standard leaves

The main responsibilities of a SECURITY ANALYST – PRODUCT & VENDOR include:

Key Responsibilities

  • Perform detailed security architecture and application reviews of third-party vendors, SaaS platforms, and external services.
  • Request and evaluate vendor documentation such as:

Architecture diagrams

  • Security practices and policies
  • Compliance reports (SOC 2, ISO 27001, etc.)
  • Penetration test summaries
  • Data flow and integration diagrams
  • Use a standardized internal assessment framework to evaluate expected controls and determine vendor risk levels.
  • Translate technical findings into a structured document used by the GRC team for formal risk reporting.
  • Conduct independent research and OSINT analysis when vendor documentation is incomplete or missing.
  • Assess a wide variety of modern and niche cloud-based technology stacks.
  • Communicate directly with vendors to clarify architecture, controls, and security posture.
  • Collaborate primarily with GRC and occasionally with Procurement and Engineering during vendor evaluations.
  • Manage multiple concurrent vendor assessments with minimal supervision.

To apply, you must be an expert on the following requirements:

Required Skills & Experience

  • 3+ years’ experience in any of the following:
  • Security analysis
  • Security architecture review
  • Application security
  • Third-party/vendor risk management
  • Cloud security assessment

Strong ability to interpret:

  • Architecture diagrams
  • Security documentation
  • Data flows and system integrations
  • Familiarity with cloud-based and SaaS technology stacks.
  • Experience evaluating vendor security posture against defined security control requirements.
  • Strong analytical, research, and documentation skills.
  • Comfortable working with ambiguous or incomplete information.
  • Self-motivated and able to work independently across multiple assessments.

Highly Preferred

  • Experience in Third-Party Risk Management (TPRM) or Supply Chain Risk Management.
  • Experience performing security reviews for SaaS or cloud vendors.
  • Familiarity with OSINT techniques for technology and architecture research.
  • Exposure to GRC processes and risk reporting.

It will also be favorable if you are knowledgeable in:

Key Traits for Success

  • Naturally curious and investigative mindset.
  • Comfortable navigating unfamiliar technologies and niche stacks.
  • Detail-oriented with strong written communication skills.
  • Able to translate technical architecture into risk language for GRC reporting.
  • Proactive, independent, and highly organized.

The successful candidate must submit the following pre-employment requirements

  • Scanned copy of valid NBI Clearance
  • Accomplished Medical or PEME Slip (covered by KMC)
  • 2x2 & Half body picture with white background
  • Proof of government numbers (TIN, SSS, Pag-ibig, & Philhealth)
  • Photocopy of 2 valid IDs – front & back (government-issued)
  • Clear copy of your Birth Certificate (PSA or NSO)
  • Accomplished HR Forms & Promissory Note (will be provided by KMC’s Onboarding Team

Click here to view the complete list of KMC’s pre-employment requirements.

KMC Careers

If you're a rockstar at what you do and looking to be a part of our amazing story, we want to hear from you!

We offer attractive salaries and benefits plus you get to work in some of the Philippines' best flexible workspaces. Our employees also get to enjoy exclusive discounts, rewards and freebies, and invites to our monthly events. We are always recruiting for roles in IT & Development, Marketing, Business Administration, HR & Recruitment and Legal & Finance Roles.

KMC provides quality employment opportunities for job-seekers looking for a career that is both challenging and fulfilling. We are also committed to providing equal opportunities at every selection stage. We do not discriminate due to age, gender, sexual orientation, ethnicity, nationality, and religion.

Work with Us. Grow with Us.

KMC Solutions offers a variety of career opportunities in Metro Manila, Cebu and Clark & Iloilo. We are always looking for talented and enthusiastic individuals who are ready to make their next big career move.

Our Culture

At KMC, we foster an inclusive and positive workplace for all. We push our members to succeed in everything they do through our collaborative work environment. We encourage our community to work hard and reach their full potential while delivering results that matter for our members and you as professionals.

We host amazing and quality events and implement people-centric policies to work flexibly. We ensure that everyone in our expansive network is engaged, from our internal employees and those who work on behalf our offshore partners.

Life within KMC: Work Hard Party Harder

At KMC, we work hard and we are committed to putting our best foot forward in everything we do. Everyone is encouraged to be an individual while also working for the collective good of the KMC Community. We believe mistakes are opportunities and that you should not present a solution without a problem.

We also know when hard work deserves to be recognized so we reward our employees with monthly parties, free trips and much much more!

No account yet

Sign up to view exciting career opportunities!

Refer A Friend