Lead, Governance, Risk & Compliance (GRC)

EastWest Bank

Job title: Lead, Governance, Risk & Compliance (GRC)

Company: EastWest Bank


Job description: About the job Lead, Governance, Risk & Compliance (GRC)

JOB PURPOSE:

  • The Lead – Governance, Risk & Compliance (GRC) will serve as a critical member of the GRC department within the Governance & Assurance Division, reporting directly to the Head of GRC.
  • This role is responsible for executing information security governance, risk management, and compliance initiatives, ensuring the organization’s adherence to industry standards and regulatory requirements.

DUTIES & RESPONSIBILITIES:

  • Governance Excellence
      • Implement and enhance information security governance frameworks in alignment with organizational objectives.
      • Drive initiatives to establish and maintain effective IS governance structures, ensuring clarity and accountability.
  • Risk Management
      • Lead the identification, assessment, and prioritization of information security risks and performance metrics.
      • Develop and implement risk management action plans to safeguard organizational assets and information.
  • Compliance Oversight
      • Ensure adherence to relevant regulatory requirements and industry standards through periodic monitoring.
      • Conduct periodic compliance audits and assessments, providing actionable recommendations for improvement.
  • Policy Development and Implementation
      • Develop, update, and communicate information security policies and standards.
      • Ensure comprehensive understanding and adherence to established policies across the organization.
  • Training and Awareness
      • Implement programs to educate and raise awareness among staff regarding information security policies and best practices.
      • Collaborate with the training department to design targeted security awareness training sessions.
  • Incident Response Coordination
      • Collaborate with the incident response team to ensure seamless integration of GRC initiatives into incident response planning.
      • Assist in the development and maintenance of incident response plans related to governance and compliance.

QUALIFICATIONS:

  • BS/BA in ICT, Computer Science, or any related field, and equivalent work experience
  • At least two (2) professional security certifications (e.g., CISSP, CISM)
  • PCI-DSS, ISO27001, NIST Cybersecurity Framework, Data Privacy program implementation experience
  • Experience working in security in the banking industry or a similar environment
  • Must have experience in managing a small to mid-size team. Demonstrable people leadership skills.
  • Excellent verbal and technical writing communication skills.
  • Work experience in Information Security, Network Security, IT Security, Cybersecurity, IT Risk Management, or related role.

Expected salary:

Location: Makati City, Metro Manila

Job date: Mon, 27 Jan 2025 04:35:38 GMT
