[ref. w41086202] Cybersecurity Governance, Risk and Compliance Manager - Manila

Job Description

Governance:

• Assist in the development and maintenance of cybersecurity policies, procedures, and standards aligned with industry best practices and regulatory requirements.
• Help manage the organization's cybersecurity risk register, identifying, assessing, and prioritizing cybersecurity risks.
• Assist in the development and implementation of risk management framework for cybersecurity.

Risk Management:

• Assist in the periodic cybersecurity risk assessments using industry standard methodologies.
• Help analyze and prioritize identified cybersecurity risks, recommending appropriate mitigation strategies.
• Assist in the development and facilitation of periodic business impact analysis
• Help track and monitor the effectiveness of implemented risk remediation controls.

Compliance:

• Assist in managing and maintaining compliance with relevant cybersecurity regulations and standards (e.g., CIS, PCI DSS, HIPAA, SOC 2, NIST CSF).
• Assist in facilitating the internal and external audits related to cybersecurity.
• Stay up-to-date on evolving cybersecurity threats and regulations.

Additional Responsibilities:

• Work with other departments across the organization to integrate cybersecurity considerations into business processes.
• Assist in the development and facilitation of cybersecurity awareness training for employees.
• Utilize GRC tools to automate and streamline GRC processes (if applicable).
• Coordinate with the ITSS and business unit counterpart on GRC related activities.
• Assist in the preparation of audit reports on the organization's cybersecurity posture for management review.

Qualifications:

• Bachelor's degree in Information Security, Computer Science, Information System, Information
• Technology, Accountancy, or a related field.
• Minimum 5+ years of experience in information security or a related field.