As an
Information Security Risk Manager you are responsible for helping ensure that SBC's Information Security policies and procedures align with all relevant regulation and company values. S/He helps to facilitate the wider team's understanding of their compliance responsibilities under the relevant regulations and company values and how to best achieve these. Further, s/he supports the assessment of SBC's compliance with regulatory requirements regarding information / cyber security and technology risks.
How You'll Contribute
- Continuously develops and improve the standards and practices of information /cyber security and technology risk management via procedures updates, issue management, risk assessment, risk monitoring and reporting.
- Ensures that all information / cyber security and technology risk management standards are up to date and relevant to the current threat and vulnerability landscape to ensure continuous compliance with BSP and other regulatory bodies
- Assesses, dimensions, and interprets individual, aggregate, and emerging information / cyber security and technology risks using risk analysis to provide meaningful reports to the Risk Oversight Committee via the Information Security Risk Management Committee
- Provides guidance to business and support units on matters related to information / cyber security and technology risk with a philosophy of continuous improvement and excellence, while remaining in compliance with the Bank's policies and procedures and upholding the highest standards of professional conduct
- Collaborates closely with Information Technology, IT Security, Compliance, Internal Audit and senior management to provide inputs to key decision-making activities such as committee deliberations on products, process, projects, incidents, crises and other matters relevant to information / cyber security and technology risk
What We're Looking For
- Must be a Bachelor's Degree holder in Information Technology, Accountancy or any related course.
- With at least 5 years of experience from the banking or financial services industry, preferably in risk management or audit or quality assurance
- Demonstrate deep knowledge of operational risk management frameworks and risk governance standards such as Basel, COSO, etc, as well as BSP regulations related to operational risk management.
- Deep knowledge of control frameworks (NIST, PCI-DSS, ISO, etc.) and the ability to design and evaluate effectiveness of controls embedded within business processes.
- Experience in risk assessment reviews
- Able to evaluate complex information and make strategic decisions based on data
About Security Bank
Security Bank is one of the Philippines best capitalized private domestic universal banks.
Established in 1951 and publicly listed with the Philippine Stock Exchange (PSE:SECB) in 1995, our major businesses cover retail, corporate, commercial, and business (MSME) banking.
We're recognized as an Employer of Choice in Philippine banking by various award giving bodies for our values-based culture, industry-leading engagement and benefits, and commitment to work-life balance.
Most recently, we ranked as the #2 best employer in the Philippines and #54 globally on the prestigious Forbes World's Best Employers 2023 list.
At Security Bank, our approach to Human Capital Management (HCM) is embodied by our Employee Value Proposition (EVP): YOU matter.
