Job Title:
Manager, Governance, Risk and Compliance
Job Description
We're Concentrix. The intelligent transformation partner. Solution-focused. Tech-powered. Intelligence-fueled.
The global technology and services leader that powers the world's best brands, today and into the future. We're solution-focused, tech-powered, intelligence-fueled. With unique data and insights, deep industry expertise, and advanced technology solutions, we're the intelligent transformation partner that powers a world that works, helping companies become refreshingly simple to work, interact, and transact with. We shape new game-changing careers in over 70 countries, attracting the best talent.
In our Information Technology and Global Security team, you will deliver the latest technology infrastructure, transformative software solutions and industry-leading global security for our staff and clients. You will work with the best in the world to design, implement and strategize IT, security, application development, innovation, and solutions in today's hyperconnected world. You will be part of the technology team that is core to our vision of develop, build and run the future of Integrated Services.
Our game-changers around the world have devoted their careers to ensuring every relationship is exceptional. And we're proud to be recognized with awards such as World's Best Workplaces, Best Companies for Career Growth, and Best Company Culture, year after year.
We embrace our game-changers with open arms, people from diverse backgrounds, who are curious and willing to learn. Your natural talent to help others and go beyond WOW for our customers will fit right in with what we do and who we are.
Join us and be part of this journey towards greater opportunities and brighter futures.
The Manager, Governance, Risk & Compliance (GRC) leads information security risk management and client assurance activities across multiple client accounts and regions. This role is accountable for overseeing audits, assessments, and remediation programmes while managing and developing a team of GRC Specialists. The Manager serves as a trusted advisor to internal leaders and client stakeholders, ensuring regulatory, contractual, and client security requirements are met through strong governance, proactive risk management, and clear executive reporting.
Key Responsibilities
Risk Management & Governance
- Provide leadership oversight of information security and compliance risk assessments across client programmes and internal functions.
- Govern core GRC artefacts, including risk registers, control frameworks, exceptions, and risk acceptances.
- Translate regulatory, contractual, and client security requirements into scalable, auditable control expectations.
- Advise senior stakeholders on risk prioritization, materiality, and risk‑business trade‑offs.
- Complete all assigned, mandatory training within the timeframe provided
- Conduct and/or participate in regularly scheduled 1:1 meetings with direct manager and/or direct reports
Client Assurance
- Act as the senior escalation point for client security audits, assessments, and due diligence activities.
- Oversee end‑to‑end delivery of client assurance engagements, ensuring quality, consistency, and on‑time completion.
- Review and approve complex or high‑risk client assurance responses and evidence submissions.
- Ensure effective governance of client‑driven findings through remediation tracking and executive escalation.
Audit, Monitoring & Remediation
- Lead responses to internal and external audits, maintaining audit readiness and consistent narratives.
- Establish and oversee proactive monitoring to identify control failures, emerging risks, and compliance gaps.
- Provide leadership oversight for security incidents and investigations, ensuring effective root cause analysis and remediation.
- Drive systemic improvements to controls, processes, and governance models to prevent recurring issues.
People Leadership & Stakeholder Engagement
- Lead, coach, and develop a team of GRC Specialists through performance management, mentoring, and capability building.
- Produce clear, executive‑level risk reporting on posture, trends, and remediation status.
- Partner with Client Security leadership, IT, Operations, Privacy, Legal, and other stakeholders to ensure aligned priorities and timely execution.
Qualifications
Required
- 8-10 years of experience in information security, governance, risk, compliance, audit, or client assurance.
- Demonstrated experience leading audits, security assessments, and remediation programmes.
- Strong knowledge of common security and compliance frameworks (e.g., ISO/IEC 27001, NIST, SOC 2, PCI DSS).
- Proven ability to communicate complex risk topics to executive and non‑technical audiences.
- Experience managing competing priorities across multiple clients, regions, or regulatory environments.
- Prior people‑management or team‑leadership experience.
Preferred
- Bachelor's degree in Information Security, Risk Management, Business, or a related field (or equivalent experience).
- Professional certifications such as CISSP, CISM, CISA, CRISC, HCISPP, or IAPP credentials.
- Experience with GRC tools, audit platforms, or evidence management systems.
Location:
PHL Cebu City - 17th and 19th floors, Central Bloc Corporate Center 1
Language Requirements:
Time Type:
Full time
