Information Security Analyst

About Security Bank

We are the Philippines' largest independent bank, having won countless awards over the years, including Philippines' Top Employer, named by Statistica, and Best Bank for Diversity and Inclusion, awarded by Asiamoney.​​

We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered.​
​
Now, with more than 300+ branches nationwide, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.​

In our constant pursuit of excellence and improvement, we create teams that support our business and each other. 

About the role:

The Governance Manager is responsible for supporting SBC's efforts against an ever-evolving cyber threat landscape and helps to protect the bank's critical information assets. S/He manages the documentation of Policies/IGs, training, and reporting of the overall compliance status of the group enforces security policies, and tracks the progress and issues for cyber and information security programs

How you'll contribute: 

• Designs and updates SBC's security control standards to ensure that they are all up to date and relevant to the current threat and vulnerability landscape applicable to the financial industry; Helps to ensure that SBC's information security policies are aligned with overall business objectives
• Collaborates with IT & business leaders from across SBC to understand business requirements, ensure governance frameworks for Information security are being properly implemented and develop and execute required security initiatives.
• Assists projects or functional groups in security reviews, risk analysis, and controls assessment in adherence to security policy.
• Helps ensure that all policies, pre-emptive actions, security breaches and incident responses are properly documented for internal and external reporting purposes.
• Performs document reviews and guides in creating and updating the documents for the Implementation Guidelines, Policies, and Standards.
• Supports a positive and collaborative digital delivery culture with a philosophy of continuous improvement, development, innovation and excellence, while remaining in compliance with the bank’s policies and procedures and upholding the highest standards of professional conduct

What we’re looking for

• Strong knowledge of information security frameworks, such as ISO 27001, NIST, and CIS Controls.
• Familiarity with risk assessment methodologies, including threat modeling and vulnerability assessments.
• Knowledge of information security regulations and best practices.
• Excellent project management, leadership, and communication skills.
• Understanding of the current threat landscape and the latest cyber-attacks and techniques used by hackers.
• Familiarity with enterprise security architecture, including network security, security operations, and identity and access management.
• Understanding of information security governance, risk management, and compliance.