CYBER GOVERNANCE HEAD

Makati

Applications have closed

About Security Bank

We are the Philippines’ largest independent bank, having won countless awards over the years, including one of Euromoney's most prestigious industry awards in 2021—Best Bank in the Philippines.

We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered.

Now, with more than 300 branches spanning the country, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.

In our constant pursuit of excellence and improvement, we create teams that support our business and each other.

The Role

The Governance & Compliance Head is responsible for leading and managing the Governance & Program Management teams.

The role is primarily responsible for managing the documentation of Policies/IGs, training, and reporting of the overall status of the group; enforcing security policies; governing and overseeing cyber and information security programs and projects; administrative tasks such as budget and actual spend tracking; awareness for all employees; compliance testing of controls for all business units; and performing gap analysis for regulatory circulars or laws related to information security.

How you'll contribute

  • Perform all activities necessary to develop and successfully implement an information security plan and the program based on that plan;
  • Perform all activities required to ensure proper oversight, risk management, and compliance with legal, regulatory, policy, and other information-security related requirements with which the organization is required to comply;
  • Ensure that all documentation requirements of the division are executed, from creation and modification through periodic review and publication to all employees;
  • Ensure that controls are adequate to meet legal, regulatory, policy, standards, and security requirements adopted by the Bank and its subsidiaries;
  • Ensure that information security awareness requirements are updated and executed as per the security awareness plan/program;
  • Ensure that all required training requirements are properly documented and tracked;
  • Lead the budget planning process and consolidate inputs from the different sub units;
  • Ensure that gap analysis is performed for new or updated circulars and laws coming from different government agencies, and coordinate with the affected groups for remediation;
  • Ensure that compliance testing requirements of the group are executed as per the compliance testing plan;
  • Report the status of all initiatives of the group to the Board, CISO/Deputy CISO, CRO and/or CEO/President;
  • Provide coaching, mentoring and best practices to personnel;
  • Provide additional work as required by the supervisor.

What we’re looking for

  • Graduate of an IT-related or any business course
  • Preferably with ISO 27001, CISA, CISM certification
  • 5-10 years of experience in IT, IT Security, Information Security, and IS Audit
  • Knowledge of different domains of IT, Network/Infrastructure/Design, Project Management
  • Knowledgeable and with prior experience in implementing various global information security and auditing standards/frameworks, e.g., ISO 27001, PCI-DSS, NIST, SSAE 16, SOX, etc.
  • Experience in document writing / policy making.
  • High degree of organizational & analytical skills.
  • Excellent interpersonal communication & presentation skills.
  • Proficient in both oral & written communication

#LI-JL1

#LI-Hybrid

Tags: Audits Banking CISA CISM Compliance Governance ISO 27001 NIST Risk management

Perks/benefits: Career development

Region: Asia/Pacific
Country: Philippines
Category: Compliance Jobs
