Information Security GRC Manager
Salary Market aligned
Consultant Rexanne Gali
Date posted 04 July 2019
A fintech company is recruiting an Information Security GRC Manager to join their team. The role is responsible for leading cross-technology governance discussions on policy and standard changes, along with managing deficiencies and exceptions.
About the Information Security GRC Manager Role:
Reporting to the Head of Information Security and Privacy, the Information Security GRC Manager will provide operational and technical support for Governance, Risk Management and Compliance (GRC) tools.
- Assist in efforts on Application Security Testing Program management.
- Work through Technology Control design and effective KPI and KRI reporting
- Support other information security programmes and initiatives
- Create meaningful security metrics to communicate information security posture and risks to leadership
- Monitor regulatory compliance as required to ensure alignment with information security policies and standards
- Execute assessments including audit planning, detailed audit procedures and related testing and reporting in accordance with professional and departmental standards such as Payment Card (PCI), and Targeted Risk Assessments
The successful Information Security GRC Manager must have a strong understanding of compliance regulations, IT, security frameworks and standards (i.e. NIST 800, ISO/IEC 27002, GDPR, CCPA, HIPAA, PCI, SOX, HITRUST).
- At least five years of hands-on experience developing, managing, implementing and supporting information security GRC programmes and tool sets
- Ability to assess security risk, controls, and compliance in a variety of situations, architectures, and solutions
- Industry security certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA), are a plus
- Risk assessment skills and the ability to manage multiple risk assessments
Backed by a well-established group of companies, they have already expanded their business including loans, business solutions and platforms. They are committed to exploring innovative avenues towards microfinance.
If you want to be in a role that is both highly strategic and hands-on, you can take your career forward with this challenging Information Security GRC Manager role.
Apply today or call me to discuss this new opportunity.