Information Security SME (Part-Time)

Role

Information Security SME (Part-Time)

Job Description

We are seeking a highly experienced Information Security SME to lead the design and implementation of security architecture for a modern data lakehouse platform based on Microsoft Fabric. This role is critical to safeguarding the confidentiality, integrity, and availability of enterprise and operational data within a regulated utility environment.

You will work closely with data engineering, IT, governance, and compliance teams to embed robust security measures across all layers of the lakehouse platform while ensuring adherence to both Philippine regulatory requirements (e.g., NPC, DICT, Critical Infrastructure Protection) and global best practices. 

Key Responsibilities

• Define and implement the security architecture for a Microsoft Fabric-based data lakehouse (covering OneLake, Data Pipelines, Delta Lake, Power BI, etc.). 
• Ensure end-to-end data protection, including encryption (at rest and in transit), key management, access control, and secure identity management (Azure AD, RBAC). 
• Assess risks and define mitigations for data ingestion, transformation, storage, and analytics pipelines. 
• Integrate Microsoft Purview for data classification, lineage, and policy enforcement. 
• Align lakehouse security with local Philippine regulations (e.g., Data Privacy Act of 2012, DICT security frameworks) and utility-specific compliance standards. 
• Implement auditing, monitoring, and incident response strategies specific to cloud-based data platforms. 
• Lead security reviews, threat modeling, and architecture assessments for new and existing solutions. 
• Collaborate with enterprise security and risk teams to ensure compliance and security posture of the entire data platform. 
• Participate in vendor evaluations, security tool selection, and third-party risk assessments. 

Required Qualifications

• Bachelor’s or Master’s degree in Information Security, Computer Science, Engineering, or related field. 
• 8+ years of experience in information security or cyber architecture, including at least 2 years working with data platforms or cloud data lakes. 
• Strong experience with Azure security architecture, particularly in relation to Microsoft Fabric, Azure Data Lake Storage, Azure Synapse, Azure Key Vault, and Power BI. 
• Deep knowledge of identity and access management (IAM), RBAC, Zero Trust, and data encryption mechanisms. 
• Familiarity with Philippine regulatory standards (e.g., Data Privacy Act, DICT regulations, NTC guidelines for utilities). 
• Proven ability to design and implement secure cloud-native architectures following industry frameworks like NIST, CIS, or ISO 27001. 

Preferred Qualifications

• Certifications such as: 
  • CISSP, CISM, or CCSP 
  • Microsoft Certified: Cybersecurity Architect Expert 
  • Azure Security Engineer Associate 
• Experience in the utilities sector or other critical infrastructure environments. 
• Knowledge of OT/ICS security integration for data generated by SCADA or other telemetry systems. 
• Experience integrating security with data governance, data cataloging, and compliance reporting workflows. 

Soft Skills & Competencies

• Strong collaboration and communication skills, especially when working across IT, business, and regulatory teams. 
• Ability to balance security, usability, and business risk in a fast-evolving environment. 
• Proactive mindset with excellent problem-solving and risk analysis capabilities. 

Number of Vacancies

1