Senior IT Security and Regulatory Consultant

A leading global organisation is seeking a Senior IT Security and Regulatory Consultant to play a pivotal role in safeguarding its IT landscape while ensuring compliance with the latest cybersecurity laws and regulations.

This position offers you the opportunity to collaborate closely with IT, business units, legal, and compliance teams, translating complex regulatory requirements into practical solutions that protect the organisation’s interests. You will be empowered to lead projects that integrate new regulatory demands into existing frameworks, provide expert consultation on technical and information security matters, and support strategic initiatives that shape the future of cybersecurity within the company. The environment is highly collaborative, offering hybrid working arrangements based in Makati, and you will report functionally to the Head of Governance, Risk & Compliance. If you are passionate about making a tangible impact on organisational security and enjoy working across diverse teams to deliver meaningful results, this is your chance to join a forward-thinking team dedicated to excellence.

• Be at the forefront of interpreting and implementing emerging cybersecurity regulations in a supportive, cross-functional environment where your expertise will directly influence organisational strategy.
• Enjoy flexible hybrid working arrangements in Makati while collaborating with knowledgeable professionals who value your input on critical governance, risk, and compliance initiatives.
• Lead impactful projects that enhance supply chain security and third-party risk management, positioning the organisation as an industry leader in effective cybersecurity practices.

What you'll do:

As a Senior IT Security and Regulatory Consultant, you will immerse yourself in a role that bridges technical expertise with regulatory insight. Your day-to-day activities will involve analysing new cybersecurity laws and translating these into practical steps for various departments. You will conduct thorough risk assessments to ensure every aspect of the organisation’s IT infrastructure remains compliant with current standards. By providing expert advice on information security matters, you will help shape policies that safeguard sensitive data while supporting major governance initiatives. Your leadership in project delivery will see you integrating new controls seamlessly into existing frameworks or building them from scratch when required. Working closely with colleagues from different disciplines ensures that your recommendations are both actionable and aligned with broader business objectives. You will also play a key part in managing third-party cyber risks within the supply chain by ensuring all partners meet stringent legal requirements. Regular reporting to senior leadership keeps everyone informed of progress while your commitment to continuous improvement drives ongoing enhancements in security posture.

• Analyse emerging IT cybersecurity laws and regulations, translating them into actionable requirements through close collaboration with IT, business units, legal, and compliance teams.
• Conduct comprehensive risk assessments and compliance reviews to ensure ongoing alignment with evolving regulatory obligations across all areas of the organisation’s IT landscape.
• Provide expert consultation on technical and information security matters to support the development, implementation, and operation of the Global Governance, Risk, and Compliance programme.
• Lead projects focused on integrating new regulatory requirements into existing control frameworks or establishing new controls as necessary in partnership with the Global Governance, Risk & Compliance team.
• Support the third-party cyber risk management programme by ensuring compliance with legal supply chain risk management requirements.
• Functionally report to the Head of Governance, Risk & Compliance Team while contributing to strategic global initiatives that drive continuous improvement in governance, risk management, and compliance.
• Collaborate effectively with cross-functional teams and high-level stakeholders to proactively resolve issues related to information security management systems.
• Deliver clear communication and presentations regarding regulatory changes and their impact on internal processes to both technical and non-technical audiences.
• Maintain up-to-date knowledge of relevant standards such as ISO 27001, NIST Cybersecurity Framework, CIS Controls (Center for Internet Security), OWASP, GDPR, and other applicable regulations.
• Champion a culture of continuous improvement by identifying opportunities for process enhancements within information security management.

What you bring:

Your extensive background in IT security equips you with deep knowledge of information security management systems under globally recognised standards such as ISO 27001. With at least seven years’ experience navigating regulatory environments, you have honed your ability to interpret complex legislation into practical actions that benefit both technical teams and business stakeholders alike. Your professional certifications—such as CISA or ITIL—demonstrate your commitment to best practice while any exposure to SAP Infrastructure further enhances your suitability for this post. You bring a proven history of managing third-party cyber risks within large organisations or supply chains. Your approach combines analytical rigour with excellent interpersonal skills; you thrive when collaborating across departments or presenting findings at senior level meetings. A passion for continuous improvement means you are always looking for ways to refine processes or introduce efficiencies without compromising on quality or compliance. Your fluency in English supports clear communication whether drafting reports or delivering presentations. Finally, your flexibility allows you to adapt easily to hybrid working patterns based out of Makati’s central business district.

• Bachelor's Degree in Information Technology, Computer Science, IT Business Applications or other relevant courses is essential for this role.
• A minimum of seven years’ experience working within IT Security and Regulatory environments is required; hands-on experience handling Information Security Management Systems under ISO 27001 is crucial.
• Proven track record implementing controls using frameworks such as NIST Cybersecurity Framework or CIS Controls (Center for Internet Security) is highly valued.
• Experience managing Third Party Cyber Risk Management programmes demonstrates your ability to oversee complex supply chain relationships securely.
• Relevant certifications such as CISA (Certified Information Systems Auditor) and Information Technology Infrastructure Library (ITIL) are mandatory; exposure to SAP Infrastructure is considered an advantage.
• Solid understanding of international standards including ISO 27001, OWASP guidelines, GDPR compliance requirements is expected for success in this position.
• A continuous improvement mindset combined with strong problem-solving abilities enables you to identify opportunities for enhancement within established processes.
• Excellent project management skills allow you to coordinate multiple initiatives simultaneously while maintaining attention to detail.
• Outstanding communication and presentation skills ensure you can convey complex regulatory concepts clearly to diverse audiences across all levels of the organisation.
• Fluency in both spoken and written English is essential; willingness to work mid-shift hours (1:00 PM – 10:00 PM) on a hybrid basis from Ayala Avenue in Makati is required.

What sets this company apart:

This organisation stands out for its unwavering commitment to maintaining robust cybersecurity practices while fostering an inclusive environment where collaboration thrives. Employees benefit from flexible hybrid working arrangements designed around work-life balance needs without sacrificing professional growth opportunities. The company invests heavily in training programmes so staff remain at the cutting edge of industry developments—ensuring everyone has access to resources needed for personal advancement. Strategic initiatives are driven by knowledgeable leaders who value input from all team members regardless of seniority; this creates a culture where ideas are shared openly and successes celebrated collectively. The focus on supply chain integrity means employees contribute directly towards securing not just internal operations but also those of trusted partners worldwide—making every role here truly impactful. By joining this team you become part of an organisation renowned for its ethical approach towards governance while enjoying generous support structures tailored towards long-term career satisfaction.

What's next:

If you are ready to make a significant contribution towards shaping secure futures within a respected global organisation—this is your moment!

Apply today by clicking on the link provided below.

Due to the high volume of applications we are experiencing, our team will only be in touch with you if your application is shortlisted.