Security Compliance And Assurance Manager | It | Sb Finance | Makati
Makati, Makati, Philippines
About Security Bank
We're one of the Philippines’ leading universal banks. Over the years, we received various awards and accolades for being one of the most stable in the banking industry.
As Security Compliance & Assurance Manager, you will ensure that the department members with security duties and responsibilities across the SBF are aligned and driving toward the desired organizational control objectives and consistent methods and solutions.
How you'll contribute
1. Executing security certification renewals, ensuring continuous compliance with ISO 27001, ISO27707, SOC 1, SOC 2, DPA, and PCI DSS.
2. Assist in cybersecurity governance and help in creation of an architecture that ensure SBF’s security programs are aligned with business objectives and compliant with regulations and standards to ensure the security and protection of internet-connected systems such as hardware, software, and data from cyberthreats.
3. Drive cross-organizational collaboration and teamwork in integrating information security controls into business processes and operations through an information security program and risk management process.
4. Addressing Third-Party Security Risk questionnaires, providing detailed insights into SBF security protocols and practices.
5. Evaluating and recommending potential security vendors, ensuring optimal compatibility and efficiency portfolio.
6. Assist in developing security frameworks across SBF security programs.
7. Assist in managing the resolution and escalation of issues, incidents, and concerns of department members and ensure timely escalation to the Department Head regarding critical or sensitive issues.
8.Serve as a SME on information security regulations and advise employees and management on information security requirements and recommendations.
9. Develop and enhance relationships with Business and Technology stakeholders to understand current challenges and establish a GRC framework to manage risk and compliance levels.
10. Liaise directly with Compliance and various backend Technology teams on regulator inspection, regulatory reporting, external audit, security certificate programs, and internal audit projects to assure compliance with all applicable regulations.
11. Coordinate and perform compliance activities and checks.
12. Assist in collecting feedback from stakeholders periodically to drive service improvements and security enhancements.
13. Assist in ensure the inclusion and implementation of appropriate security controls in the design and development of new projects and/or key changes and the conduct of vetting processes to ensure adequate mitigation of vulnerabilities.
14. Assist in managing and tracking the company overall security program, projects, and KPIs against the defined security roadmap and framework.
What we’re looking for
- Bachelor’s Degree in BSIT, Computer Science, or related field
- At least 5 yrs. experience relevant experience from Banking/Lending Companies/Fintech
- Experience working in security at a Financial Technology Company or similar environment.
- Leadership skills to drive large-scale complex programs with high collaboration and leadership.
- Knowledge of industry standards such as but not limited to PCI-DSS, ISO27001, ISO27701, AWS Best Practice, NIST Cybersecurity Framework, and Data Privacy Act.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Bengaluru, Karnataka, India Bengaluru, Karnataka, India Full TimeSenior Senior-levelUSD 45K - 84K * USD 45K+ *
Threat Intelligence LeaderArtificial Intelligence Cloud Encryption Incident response Machine Learning Monitoring +4
Career development Competitive pay Flex hours Flex vacation Pet friendly +1
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs