431191 | Security Governance, Risk & Compliance (GRC) Specialist (FT) - #100874
Monroe Consulting Group
Date: 2 weeks ago
City: Pasig City, Metro Manila
Contract type: Full time
Executive recruitment firm Monroe Consulting Group Philippines is recruiting on behalf of the earliest and largest crypto platforms in Southeast Asia offering exchange and wallet services to users. Their product lineup also includes an electronic payment service and e-wallet where users can send money to anyone, pay for bills, shop online at over 100,000 merchants, receive money transfers from 200+ countries even without a bank account, and view and purchase cryptocurrencies.
- Define, manage, and update the company's information security policies, standards, and processes in coordination with different business functions to protect infrastructure, business-critical data, and customer information.
- Ensure policies are consistently applied across the company and monitor adherence to the defined governance principles to ensure that expected value is delivered.
- Serve as an SME on information security regulations and advise employees and management on information security requirements and recommendations.
- Plan and deliver security awareness training and other awareness activities to the company’s employees.
- Develop and enhance relationships with Business and Technology stakeholders to understand current challenges and establish a GRC framework to manage risk and compliance levels.
- Coordinate and execute IT / IS risk assessments and reviews, providing risk-based recommendations and tracking the implementation of risk mitigation to completion.
- Work with the Tech team to develop and test IT business contingency and disaster recovery plans.
- Liaise directly with Compliance and various backend Technology teams on regulator inspection, regulatory reporting, external audit, security certificate programs, and internal audit projects to ensure compliance with financial regulations.
- Coordinate and perform compliance activities and checks.
- Conduct and manage external security due diligence checks and 3rd security risk management program that covers onboarding to offboarding.
- Communicate and report to management, present security risks, and recommendations in Risk Management Committees (RMC).
- Manage and track the company's overall security program, projects, and KPIs against the defined security roadmap and framework.
- BS/MS in Computer Science / Cybersecurity with 5 years and above relevant experience in cyber security or information technology risk management in the banking / financial industry.
- Proven experience in running security compliance programs.
- Experience maintaining information security standards and regulations such as NIST CSF, PCI DSS, ISO27001, GDPR, Philippines BSP, MAS TRM, and other regulations.
- Excellent relationship-building and communication skills with the ability to engage people from diverse cultures and different levels.
- Strong stakeholder management skills, with regional experiences to leverage regional knowledge and resources.
- Excellent planning and organizational skills with an ability to meet tight deadlines.
- Good knowledge of cloud computing, networking, OS, and its security aspects.
- Proficient in English and Mandarin is a must to communicate with stakeholders from within the organization.
- CISSP, CISA, and CRISC certifications will be an added advantage.
What we Offer:
- Hybrid work set-up, with offices located in Ortigas, Pasig, and BGC.
- Friendly geo-distributed team of experienced professionals, who happily joined us after working in well-known IT/product companies and perspective startups.
- Work and collaborate effectively with cross-functional compact teams that are constantly improving their tools, pipelines, and working environment.
- Customer-driven development: We don't develop features without listening to our customers, each step makes the product more convenient, useful, secure, and reliable for our users.
- Professional growth: We invest time and money in your career by sponsoring IT conferences, courses, and training.
- Paid medical insurance, and technical equipment at choice.
- Paid Sick and Vacation Leaves upon regularization.
- Salary Budget: PHP 250,000.00 per month
- Work Set-up: Hybrid (Pasig City)
- Education Background: Graduate of Bachelor of Science in Information Technology/ Computer Science
- Years of Exp.: 5-8 years of Relevant experience
- Non-negotiable: Security Governance, Risk, & Compliance (GRC) experience