Infosec Risk Manager

About Security Bank

We are the Philippines' largest independent bank, having won countless awards over the years, including Philippines' Top Employer, named by Statistica, and Best Bank for Diversity and Inclusion, awarded by Asiamoney.

We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered. Now, with more than 300 branches nationwide, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.

In our constant pursuit of excellence and improvement, we create teams that support our business and each other. 

About the role:

The InfoSec Risk Manager is responsible for assessing, mitigating, reporting and preventing enterprise risks that are related to the information system through governance, compliance and regulation. S/He also provides guidance and recommendations in mitigating identified risks based on the Bank’s security requirements.

  • Performs reviews of the Security Standards for Pre-Deployed Information Systems (SSPIS), which includes performing security assessments of new and/or existing application systems.
  • Conducts security reviews, risk analysis, and controls assessment in adherence to security policy.
  • Performs document reviews and provides guidance in creating and updating the documents for the Implementation Guidelines, Policies and Standards.
  • Facilitates accomplishment of the Third-Party Questionnaires, which includes gathering information and providing valid and accurate responses.
  • Provides guidance and recommendations on items related to Information Security; works with related departments and coordinates conference calls for risk remediation, technical discussion or any events that require touchpoints and participation of the team.
  • Supports a positive and collaborative digital delivery culture with a philosophy of continuous improvement, development, innovation and excellence, while remaining in compliance with the bank’s policies and procedures and upholding the highest standards of professional conduct.

What we’re looking for

  • Strong knowledge of risk management methodologies and frameworks, such as NIST, ISO 27001/2, COBIT, and FAIR.
  • Strong project management skills, with the ability to coordinate cross-functional teams to deliver complex projects.
  • Understanding of regulatory requirements, such as PCI DSS, HIPAA, and other privacy and security laws.
  • In-depth understanding of information security principles, such as confidentiality, integrity, availability, and non-repudiation.
  • Knowledge of security technologies such as firewalls, intrusion detection/prevention systems, and encryption.
  • Knowledge of cloud security, network security, endpoint security, and security operations.
  • Knowledge of incident response and business continuity planning.
  • Understanding of threat intelligence and cyber threat analysis.
