InfoSec & Data Privacy Manager (Financial Services)

• Develops and executes the organization's Information Security Strategy and Roadmap.
• Establishes, updates, and enforces security policies, standards, and procedures.
• Leads maturity improvements aligned with ISO 27001, NIST Cybersecurity Framework, and regulatory expectations.
• Advises leadership on emerging risks, security posture, and investment priorities.

1. Risk Management & Compliance

• Conducts periodic security and privacy risk assessments; creates mitigation plans.
• Ensures alignment with regulatory and industry standards (BSP guidelines, NPC, ISO, NIST).
• Oversees vendor/third‑party security evaluations.
• Coordinates with Audit, Risk, and Compliance teams on internal and external security reviews.

1. Data Privacy Office Leadership (DPO Role)

• Leads compliance with the Data Privacy Act of 2012 and its IRR.
• Conducts Privacy Impact Assessments (PIAs) and maintains the privacy program.
• Oversees privacy breach management, reporting, and NPC coordination.
• Drives privacy culture and ensures proper consent, data lifecycle, and access management controls.

1. Incident Response & Security Operations

• Oversees incident response readiness, execution, documentation, and communication.
• Coordinates forensic investigations and post-incident reviews.
• Ensures proper logging, monitoring, and detection controls are in place.

1. Business Continuity & Security Architecture

• Works closely with IT to strengthen disaster recovery and business continuity capabilities.
• Reviews and validates security architecture for systems, applications, cloud services, and infrastructure.
• Recommends technology solutions to mitigate security risks.

1. Training, Awareness & Culture Building

• Designs and facilitates security and privacy awareness programs organization-wide.
• Leads targeted training for high‑risk user groups and executives.
• Drives measurable behavior change and fosters a proactive security culture.

1. Collaboration & Stakeholder Engagement

• Acts as internal consultant to all departments on cybersecurity and data privacy matters.
• Partners with HR, Legal, Operations, and Compliance on governance initiatives.
• Provides security input on projects, new systems, and process changes.

1. Leadership & People Management (Optional based on org structure)

• Provides guidance to IT and cross-functional teams on security best practices.
• May supervise specialists or external partners involved in security and privacy functions.

Be repsonsible for the development and implementation of infosec policies.Explore and join a growing financial services company.

• Bachelor's degree in Information Technology, Computer Science, Information Security, or related field.
• Master's degree in Cybersecurity, Information Management, or Technology Governance is an advantage.

• At least 7-10 years of experience in Information Security, Cybersecurity, or Risk Management.
• Minimum 3 years leading security governance or privacy compliance initiatives.
• Experience in a regulated industry (financial services, fintech, insurance, telecom, BPO) is preferred.
• Strong background in implementing or working under frameworks such as:
• ISO 27001
• NIST CSF
• COBIT
• PCI DSS (nice to have)

Certifications (highly preferred but flexible)Candidates with any of the following are preferred - not required:

• CISM (Certified Information Security Manager)
• CISSP (Certified Information Systems Security Professional)
• CDPSE (Certified Data Privacy Solutions Engineer)
• ISO 27001 Lead Implementer or Lead Auditor
• CEH or equivalent hands-on technical certification

• Strong understanding of cybersecurity technologies, threats, and controls.
• Deep knowledge of data privacy principles, regulatory compliance, and privacy-by-design.
• Ability to translate technical concepts into business decisions and communicate with executives.
• Strong analytical, problem-solving, and decision-making capabilities.
• Ability to manage multiple priorities and influence stakeholders at all levels.
• High integrity, sound judgment, and commitment to confidentiality.

• Security risk reduction and improved security posture.
• Compliance with IT security and privacy policies.
• Effectiveness of incident response and breach prevention.
• Organization-wide awareness and training adoption.
• Timeliness and quality of regulatory compliance (NPC, audit findings, risk items).

• Competitive salaries and benefits
• Extensive healthcare coverage
• Fixed morning shift

If you are ready to take the next step in your career as an IT Security Officer, we encourage you to apply today!