Banner Default Image

Security Governance, Risk, & Compliance (GRC) Manager

Back to job search

Security Governance, Risk, & Compliance (GRC) Manager

  • Location:

    City of Taguig

  • Sector:

    Monroe Information Technology

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Contact:

    Mikko Jose Perez

  • Contact email:

    mikko.perez@monroeconsulting.com.ph

  • Job ref:

    BBBH437255_1707362246

  • Published:

    25 days ago

  • Expiry date:

    2024-02-15

Executive recruitment firm Monroe Consulting Group Philippines is recruiting on behalf of the earliest and largest crypto platforms in Southeast Asia offering exchange and wallet services to users. Their product lineup also includes electronic payment service and e-wallet where users can send money to anyone, pay for bills, shop online at over 100,000 merchants, receive money transfers from 200+ countries even without a bank account, and view and purchase cryptocurrencies.
Job Responsibilities:

  • Define, manage and update company's information security policies, standards, and processes in coordination with different business functions to protect infrastructure, business-critical data and customer information
  • Ensure policies are consistently applied across company and monitor adherence to the defined governance principles to ensure expected value is delivered
  • Serve as a SME on information security regulations and advise employees and management on information security requirement and recommendations
  • Plan and deliver security awareness trainings and other awareness activities to the company's employees
  • Develop and enhance relationships with Business and Technology stakeholders to understand current challenges and establish a GRC framework to manage risk and compliance levels
  • Coordinate and execute IT / IS risk assessments and reviews, providing risk-based recommendation and track the implementation of risk mitigation to completion
  • Work with Tech team to develop and test IT business contingency and disaster recovery plans
  • Liaise directly with Compliance and various backend Technology teams on regulator inspection, regulatory reporting, external audit, security certificate programs, and internal audit projects to assure compliance with financial regulations
  • Coordinate and perform compliance activities and checks
  • Conduct and manage external security due diligence checks and 3rd security risk management program that covers onboarding to off boarding
  • Communicate and report to management, present security risks and recommendations in Risk Management Committees (RMC)
  • Manage and track the company overall security program, projects and KPIs against the defined security roadmap and framework


Job Qualifications:

  • BS/MS in Computer Science / Cybersecurity with 5 years and above relevant experience in cyber security or information technology risk management in the banking / financial industry
  • Proven experience in running security compliance programmes
  • Experience maintaining information security standards and regulations such as NIST CSF, PCI DSS, ISO27001, GDPR, Philippines BSP, MAS TRM and other regulations
  • Excellent relationship building and communication skills with the ability to engage people from diverse cultures and different levels
  • Strong stakeholder management skills, with regional experiences to leverage on regional knowledge and resources
  • Excellent planning and organizational skills with an ability to meet tight deadlines
  • Good knowledge of cloud computing, networking, OS and its security aspects
  • Proficient in English and Mandarin is a must to communicate with stakeholders from within the organisation
  • CISSP, CISA, CRISC certifications will be an added advantage