IT Governance Manager
Consultant Rexanne Gali
Date posted 24 October 2018 2018-10-242018-12-22 insurance 8767 Paseo De Roxas Makati City 1226 Robert Walters Philippines
One of the largest life insurance groups is looking for an IT Governance Manager to serve as the subject matter expert of IT governance and information security management system framework. You will be responsible for supporting management with its responsibilities in responding to requests from internal and external audit entities including reviewing requests, monitoring audit execution and reviewing findings with governance bodies.
About the IT Governance Manager Role:
Reporting to the local Information Security and Technology Risk Head, you will help in implementing and providing support to the Group security standards, policies, procedures and guidelines and continuously assess and monitor its compliance.
- Ensure business units are informed of policies, standards, and frameworks and enforce compliance
- Define and implement processes and activities to ensure ongoing conformance to security policies, standards, and legal and regulatory requirements
- Verify that information processes meet the security criteria, requirements or policy, standards and procedures
- Monitor compliance and carry out ITGC compliance validation regularly in accordance with the policy criteria, standards, and legal and regulatory requirements
- Review technology actions plans (in coordination with Cyber-security team) to ensure reported finding and associated risks are addressed
The successful IT Governance Manager must have in-depth understanding of IT general controls (security, change management, disaster backup recovery, data center, etc.) and IT application control concepts (application processing controls, system reconciliations, interfaces, reports testing, workflows).
- College diploma or university degree in the field of computer science and/or 10 years' equivalent work experience
- One or more of the following certifications: CISA, CISSP, CISM, CRISC
- Experience in process definition and control definitions based on industry best practices
- In-depth understanding of system development lifecycle methodology, operating system and database platforms (mainframe, client/server, Web services, Windows, UNIT, AS400, DB2, etc.)
- In-depth understanding of data protection processes and technologies
- Proficient understanding of Generally Accepted Security Frameworks, Information Security regulations and laws, risk management, also intermediate-level understanding of the financial or insurance services industry
If you are someone who has the ability to effectively prioritise and execute tasks in a high-pressure environment, then this is the role for you. This is an excellent opportunity to define and implement applicable enterprise IT management practices and activities in accordance with the industry best practices, standards and frameworks.
Apply today or call me to discuss this new opportunity.