Pasig City, Philippines

Senior Analyst, Information Security Governance, Risk and Compliance

Full-time / part-time
Full-time
Level
Mid-Senior Level
Department
Risk & Compliance
Address
Ortigas Center
Pasig City
Philippines

Job description

We need your expertise and knowledge in providing second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight.

Working as part of the Group Risk and Compliance department, the second line Info Sec team interact regularly with the first line IT Security team, providing oversight, challenge and validation of operational controls and procedures. The role holder will work closely with business and technology teams to help articulate and communicate the Info Sec governance programme, identify risks and threats, and evaluate and help implement controls and improvements.

This role is critical for us to maintain our ISO 27001 certification as it applies to the Philippines jurisdiction. Providing training and awareness programme including ownership of the compliance process and assessing the threat landscape to developing the content and publication of training materials through corporate channels

You will periodically do security testing activities (e.g. penetration testing, DR exercises) and manage response activities as well as assisting the audit and client management aspects of the Info Sec team, you will need to help design more effective procedures in creating and facilitating the due diligence questionnaires.

Qualifications

Education / professional qualifications

·         3+ years of Information Security experience.

·         Relevant industry certification (e.g. CISSP, CISM, ISO 27001 LA, etc.) highly desirable.

 

Background experience

·         Recent experience of working in a similar capacity, preferably in a financial services organisation.

 

Technical

·         Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively.

 

Computer / program knowledge

·         Experience configuring and managing security operations toolsets.

·         Comfort working with Risk Management platforms.

·         Expertise in standard Microsoft Office products.

 

Company, product and market knowledge

·         Excellent knowledge of the Information Security industry, preferably as it is applied in global financial services organisations.

Management and leadership

·         Must possess the ability to positively influence others without having direct management responsibility.

 

Languages

·         Fluent in English.

 

Additional information

At IQ-EQ we want you to reach your full potential. We offer an inclusive and diverse environment to support your career aspirations. With a strong emphasis on continuous learning and a holistic approach to your professional and personal development. We also offer opportunities across our service lines and our international network of offices.  

Company description

IQ-EQ is a leading Investor Services group which combines global expertise with an unwavering focus on client service delivery. We support fund managers, global companies, family offices and private clients operating worldwide.

Apply now

To apply, please enter your details into the below form. If you experience any issues with this form, please click here to apply via our provider SmartRecruiters directly.

Personal
CV
Allowed document formats are PDF, Word, RTF, JPG or PNG. Maximum file size 2MB.
Current
Do you have the right to work in the location of the vacancy?

If you haven't uploaded a CV, please detail your experience and education.

Experience
Education