Security and Compliance Senior Manager
Enshored
Date: 2 days ago
City: Pasig City
Contract type: Full time
Enshored has been powering growth for disruptive brands and leading companies in the US and Europe since 2014. As part of Inc 5000 fastest-growing companies in the US, our commitment to pushing the extra mile helps our clients reach their business’ optimal growth potential, may it be from the ground up or by innovative transformation.
Our Team Is Composed Of Hand-picked Talented Individuals Adapted To Handle Themselves In a Balanced Environment Of Smart And Hard Work While Maintaining a Dynamic Relationship With Stakeholders, Leaders, And Team Members. Important Decisions Revolve Around The Guidance Of Our Core Values, Especially When Choosing The Right People
Don’t just take our word for it; experience the growth yourself!
If you don’t know where to start, check us out at www.enshored.com.
The Security and Compliance Manager will lead the organization's security and regulatory compliance strategies, ensuring the protection of digital assets, AI-driven systems, and sensitive data. This role requires cybersecurity, AI governance, regulatory compliance, and risk management expertise. The individual will implement security frameworks, ensure adherence to industry regulations, and mitigate risks associated with AI and data privacy.
Key Responsibilities
Security & Compliance Leadership
Develop and enforce security policies, procedures, and AI compliance frameworks.
Ensure compliance with industry standards such as ISO 27001, VAPT, GDPR, HIPAA, SOC 2, AI Act regulations, and other compliance requirements.
Conduct risk assessments and audits to identify vulnerabilities and recommend security enhancements.
Establish AI ethics and governance policies to ensure responsible AI deployment.
Prepare compliance reports, support audit processes, measure SOC performance metrics, and report on security incidents.
Support security audits, including follow-ups, documentation reviews, performance tests, tabletop exercises, and corrective action plans for identified risks.
AI Security & Risk Management
Implement AI security best practices, including adversarial attack defense, model robustness, and bias mitigation.
Assess risks related to AI-driven decision-making and data processing.
Develop frameworks to monitor AI security incidents and model performance.
Identify potential risks across finance, operations, compliance, cybersecurity, and other business areas.
Evaluate risk likelihood and impact using qualitative and quantitative analysis.
Develop policies, controls, and procedures to minimize security risks.
Threat Management & Incident Response
Continuously monitor for cyber threats using Security Information and Event Management (SIEM) tools.
Collect and analyze threat intelligence from various sources (e.g., logs, dark web monitoring, security vendors).
Stay updated on emerging threats, vulnerabilities, and attack techniques.
Conduct risk assessments to identify and classify security threats.
Perform vulnerability scans and penetration testing to uncover security gaps.
Collaborate with IT and security teams to patch vulnerabilities.
Investigate security alerts and determine their potential risks.
Prioritize incidents based on severity and impact.
Isolate affected systems to prevent threat propagation.
Apply remediation steps, such as disabling compromised accounts, blocking malicious IPs, and deploying security patches.
Develop AI-driven threat detection and anomaly detection systems for proactive security.
Conduct internal investigations to maintain organizational integrity and perform root cause analysis.
Lead incident response teams in case of security breaches and data leaks.
Implement AI-driven security automation tools to enhance defense mechanisms.
Data Privacy & Regulatory Compliance
Ensure AI models comply with global data protection laws, including GDPR, the California Consumer Privacy Act (CCPA), and the Philippine Data Privacy Act (PDPA).
Establish data governance policies for ethical AI and automated decision-making.
Conduct Privacy Impact Assessments (PIAs) for AI applications.
Training & Awareness
Define incident response plans, playbooks, and escalation procedures.
Train internal teams on risk management, AI security risks, and compliance requirements.
Conduct regular security awareness programs for employees and stakeholders.
Lead the company in the review and implementation of the Business Continuity Plan.
Conduct phishing simulations and security training for employees.
Educate employees on secure practices to prevent social engineering attacks.
Manage security training programs and support global teams in implementing best practices.
Technical Skills Requirement
Cybersecurity Expertise: Cloud security, endpoint security, encryption, Identity and Access Management, and zero trust.
AI & ML Security: AI model risk assessment, adversarial AI defense, explainability.
Regulatory Compliance: ISO 27001, VAPT, GDPR, HIPAA, AI Ethics guidelines.
Incident Response: Threat intelligence, SIEM tools, forensic analysis.
Risk Assessment & Audits: Penetration testing, vulnerability assessments.
Soft Skills Requirement
Strong leadership and decision-making abilities.
Quick Decision Making under pressure
Strong analytical and problem-solving abilities
Excellent communication and Management Team skills.
Ability to work in high-pressure environments and handle security crises.
Education & Experience
Bachelor’s/Master’s degree in Cybersecurity, Information Security, Computer Science, or related field.
Certifications Preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), or AI-specific security certifications.
Experience: 10+ years in cybersecurity, risk Operations Management Team, or compliance; 3+ years in AI security.
About Enshored
Enshored is the leading outsourcer for start-ups. We’re here for the innovators, for the scalers. We’re here for the creators, for the makers, for the horizon scanners who saw it and then went out there and built it. We believe that when our people thrive, our clients thrive too. When we all thrive, the world becomes a better place.
At Enshored, this means: We support our people to achieve their potential and contribute to their best ability through structured learning and career development. We embrace diversity. We understand that people are all different and need different challenges. We don’t treat individuals as cogs in the machine. We provide the environment, tools, and support system to thrive.
Our Team Is Composed Of Hand-picked Talented Individuals Adapted To Handle Themselves In a Balanced Environment Of Smart And Hard Work While Maintaining a Dynamic Relationship With Stakeholders, Leaders, And Team Members. Important Decisions Revolve Around The Guidance Of Our Core Values, Especially When Choosing The Right People
- Grit. We never give up. We don't always know the answer, but we don't give up until we crack it. Sticking at it makes us stronger.
- Curiosity. We want to know you, what makes you tick and what it will take to help you grow.
- Learning. Learning is the key to mobility, growth, and transformation. It's a commitment. We're committed.
- Grace. The unconditional love for our fellow man. What is this world without love – merely a transactional scorecard of winners and losers. We don't want to reinforce that operating system. We are driving a paradigm shift to an infinite mindset where we start from the knowledge that there is plenty to go around.
- Honesty & Sincerity. Being true to ourselves. Being honest, being open, trustworthy and truthful. Sincerity provides depth to honesty, as our honesty at times can even betray us, as we all hide behind our deep pain and hurt.
- Integrity. Integrity is standing up for what we believe is right and living by our highest values.
Don’t just take our word for it; experience the growth yourself!
If you don’t know where to start, check us out at www.enshored.com.
The Security and Compliance Manager will lead the organization's security and regulatory compliance strategies, ensuring the protection of digital assets, AI-driven systems, and sensitive data. This role requires cybersecurity, AI governance, regulatory compliance, and risk management expertise. The individual will implement security frameworks, ensure adherence to industry regulations, and mitigate risks associated with AI and data privacy.
Key Responsibilities
Security & Compliance Leadership
Develop and enforce security policies, procedures, and AI compliance frameworks.
Ensure compliance with industry standards such as ISO 27001, VAPT, GDPR, HIPAA, SOC 2, AI Act regulations, and other compliance requirements.
Conduct risk assessments and audits to identify vulnerabilities and recommend security enhancements.
Establish AI ethics and governance policies to ensure responsible AI deployment.
Prepare compliance reports, support audit processes, measure SOC performance metrics, and report on security incidents.
Support security audits, including follow-ups, documentation reviews, performance tests, tabletop exercises, and corrective action plans for identified risks.
AI Security & Risk Management
Implement AI security best practices, including adversarial attack defense, model robustness, and bias mitigation.
Assess risks related to AI-driven decision-making and data processing.
Develop frameworks to monitor AI security incidents and model performance.
Identify potential risks across finance, operations, compliance, cybersecurity, and other business areas.
Evaluate risk likelihood and impact using qualitative and quantitative analysis.
Develop policies, controls, and procedures to minimize security risks.
Threat Management & Incident Response
Continuously monitor for cyber threats using Security Information and Event Management (SIEM) tools.
Collect and analyze threat intelligence from various sources (e.g., logs, dark web monitoring, security vendors).
Stay updated on emerging threats, vulnerabilities, and attack techniques.
Conduct risk assessments to identify and classify security threats.
Perform vulnerability scans and penetration testing to uncover security gaps.
Collaborate with IT and security teams to patch vulnerabilities.
Investigate security alerts and determine their potential risks.
Prioritize incidents based on severity and impact.
Isolate affected systems to prevent threat propagation.
Apply remediation steps, such as disabling compromised accounts, blocking malicious IPs, and deploying security patches.
Develop AI-driven threat detection and anomaly detection systems for proactive security.
Conduct internal investigations to maintain organizational integrity and perform root cause analysis.
Lead incident response teams in case of security breaches and data leaks.
Implement AI-driven security automation tools to enhance defense mechanisms.
Data Privacy & Regulatory Compliance
Ensure AI models comply with global data protection laws, including GDPR, the California Consumer Privacy Act (CCPA), and the Philippine Data Privacy Act (PDPA).
Establish data governance policies for ethical AI and automated decision-making.
Conduct Privacy Impact Assessments (PIAs) for AI applications.
Training & Awareness
Define incident response plans, playbooks, and escalation procedures.
Train internal teams on risk management, AI security risks, and compliance requirements.
Conduct regular security awareness programs for employees and stakeholders.
Lead the company in the review and implementation of the Business Continuity Plan.
Conduct phishing simulations and security training for employees.
Educate employees on secure practices to prevent social engineering attacks.
Manage security training programs and support global teams in implementing best practices.
Technical Skills Requirement
Cybersecurity Expertise: Cloud security, endpoint security, encryption, Identity and Access Management, and zero trust.
AI & ML Security: AI model risk assessment, adversarial AI defense, explainability.
Regulatory Compliance: ISO 27001, VAPT, GDPR, HIPAA, AI Ethics guidelines.
Incident Response: Threat intelligence, SIEM tools, forensic analysis.
Risk Assessment & Audits: Penetration testing, vulnerability assessments.
Soft Skills Requirement
Strong leadership and decision-making abilities.
Quick Decision Making under pressure
Strong analytical and problem-solving abilities
Excellent communication and Management Team skills.
Ability to work in high-pressure environments and handle security crises.
Education & Experience
Bachelor’s/Master’s degree in Cybersecurity, Information Security, Computer Science, or related field.
Certifications Preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP), or AI-specific security certifications.
Experience: 10+ years in cybersecurity, risk Operations Management Team, or compliance; 3+ years in AI security.
About Enshored
Enshored is the leading outsourcer for start-ups. We’re here for the innovators, for the scalers. We’re here for the creators, for the makers, for the horizon scanners who saw it and then went out there and built it. We believe that when our people thrive, our clients thrive too. When we all thrive, the world becomes a better place.
At Enshored, this means: We support our people to achieve their potential and contribute to their best ability through structured learning and career development. We embrace diversity. We understand that people are all different and need different challenges. We don’t treat individuals as cogs in the machine. We provide the environment, tools, and support system to thrive.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Insurance Operations Specialist
MicroSourcing,
Pasig City
3 days ago
Discover your 100% YOU with MicroSourcing!Position: Insurance Operations SpecialistLocation: Ortigas, PasigWork setup & shift: Onsite | Day ShiftWhy join MicroSourcing?You'll HaveCompetitive Rewards: Enjoy above-market compensation, healthcare coverage on day one, plus one or more dependents, paid time-off with cash conversion, group life insurance, and performance bonuses.A Collaborative Spirit: Contribute to a positive and engaging work environment by participating in company-sponsored...
Engineering Technician - Pasig
Jollibee Group,
Pasig City
3 days ago
Title: Engineering Technician - PasigThe Engineering Technician is responsible for monitoring, executing, troubleshooting, and repairing of refrigeration system, compressed air system, power system, and steam system and preventive maintenance activities.Provides mechanical technical services necessary for the installation of production, utility, and other support equipment.Performs preventive maintenance, predictive maintenance, and condition monitoring regularly.Prepares written report and/or immediately refers to the supervisor...
Facilities Coordinator
NTT DATA, Inc.,
Pasig City
3 days ago
Make an impact with NTT DATAJoin a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.Your day at NTT DATAThe Senior Facilities...
