Job description: Lead, Governance, Risk & Compliance (GRC)
JOB PURPOSE:
The Lead – Governance, Risk & Compliance (GRC) will serve as a critical member of the GRC department within the Governance & Assurance Division, reporting directly to the Head of GRC.
This role is responsible for executing information security governance, risk management, and compliance initiatives, ensuring the organization’s adherence to industry standards and regulatory requirements.
DUTIES & RESPONSIBILITIES:
Governance Excellence
Implement and enhance information security governance frameworks in alignment with organizational objectives.
Drive initiatives to establish and maintain effective IS governance structures, ensuring clarity and accountability.
Risk Management
Lead the identification, assessment, and prioritization of information security risks and performance metrics.
Develop and implement risk management action plans to safeguard organizational assets and information.
Compliance Oversight
Ensure adherence to relevant regulatory requirements and industry standards through periodic monitoring.
Conduct periodic compliance audits and assessments, providing actionable recommendations for improvement.
Policy Development and Implementation
Develop, update, and communicate information security policies and standards.
Ensure comprehensive understanding and adherence to established policies across the organization.
Training and Awareness
Implement programs to educate and raise awareness among staff regarding information security policies and best practices.
Collaborate with the training department to design targeted security awareness training sessions.
Incident Response Coordination
Collaborate with the incident response team to ensure seamless integration of GRC initiatives into incident response planning.
Assist in the development and maintenance of incident response plans related to governance and compliance.
QUALIFICATIONS:
BS/BA in ICT, Computer Science, or any related field and equivalent work experience
At least two (2) professional security certifications (e.g., CISSP, CISM)
PCI-DSS, ISO 27001, NIST Cybersecurity Framework, Data Privacy program implementation experience
Experience working in security in the banking industry or a similar environment
Must have experience in managing a small to mid-size team. Demonstrable people leadership skills.
Excellent verbal and technical writing communication skills.
Work experience in Information Security, Network Security, IT Security, Cybersecurity, IT Risk Management, or related role.
Expected salary:
Location: Makati City, Metro Manila
Job date: Mon, 27 Jan 2025 04:35:38 GMT