isecjobs.com

Information Security Governance, Risk and Compliance (GRC) specialist

Manila, Philippines

Full Time USD 24K - 56K *
Avaloq logo

Avaloq

Partner with a premium cloud banking software and service provider. Increase your efficiency and improve client experience.

View all jobs at Avaloq

Apply now Apply later

Company Description

Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 160 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as retail and neo banks. Our research led approach and continual innovation is powered by the passion and creativity of our colleagues.
We are always looking for talented people to join us on our mission to orchestrate the financial ecosystem and democratize access to wealth management. Avaloq offers the opportunity to work closely with some of the world’s leading financial institutions as we jointly develop and shape careers. Championing a collaborative, supportive and flexible work environment empowers our colleagues to reach their full potential.

Job Description

We are looking for a skilled Information Security Governance, Risk, and Compliance (GRC) Specialist to join the Avaloq CISO Governance team. The CISO Governance team is responsible for developing, implementing, and maintaining our organization's Information Security governance, risk management, and compliance programs. The ideal candidate has a deep understanding of information security practices, regulatory requirements, and risk management frameworks. The role is based in Manila.

Your key responsibilities

Your key responsibilities will include the following domains. You don't have to be an expert on everything, but you must be willing to learn!

  • Governance and Compliance
    • Participate in the development and maintenance of Avaloq's information security governance framework.
    • Lead and aid with compliance-related issues across stakeholders.
    • Work closely with internal and external audits, both to support the audit activities and to manage the remediation of findings.
    • Report to management and relevant stakeholders on compliance status and security governance effectiveness.
  • Policy Management
    • Provide guidance and assist in the drafting, revision, and implementation of security policies and procedures.
    • Monitor and evaluate the effectiveness of implemented policies and procedures.
    • Participate in regular policy reviews to ensure alignment with changing regulations and organizational objectives.
  • Security Risk Management
    • Conduct and guide risk assessments to identify potential security threats and vulnerabilities.
    • Conduct security assessment of third-party vendors to evaluate compliance with Avaloq’s security standards.
    • Monitor third-party compliance with agreements and performance against organizational benchmarks.
  • Awareness and Advocacy
    • Be an advocate for security among your colleagues.
    • Participate in the development and implementation of a comprehensive cybersecurity awareness program.
    • Craft engaging and informative security training materials for Avaloq employees.
    • Measure the effectiveness of employees' knowledge and competencies and adapt strategies based on feedback and trends.
    • Participate in internal security awareness activities such as new employee onboarding.
    • Stay updated with the latest developments in information security, risk management, and compliance.

Qualifications

  • Educational Background: A bachelor's degree in information technology, computer science, or a related field.
  • Professional Experience: 2-4 years of experience in a GRC-related role or relevant industry experience (e.g. IT auditing, financial regulatory, risk management).
  • Language skills: Professional proficiency in English is mandatory; proficiency in German or Italian is a plus.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and as part of a multi-cultural team.

It would be a real bonus if you have

  • Professional Certifications such as CRISC, CISSP, CISA, or GRCP.
  • Strong knowledge of regulatory requirements and industry standards such as ISO 27001, ISO 27005, DORA, MAS regulations, etc.
  • Knowledge of cloud security and related compliance concerns.

Additional Information

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions, we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire, compensate and promote regardless of origin, age, gender identity, sexual orientation or any other fantastic traits that make us all unique, we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies, and any unsolicited candidate submissions will be exempt from any payment expectations.  

 

#LI-Hybrid

Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Compliance Jobs

Tags: Audits CISA CISO CISSP Cloud Compliance Computer Science CRISC Governance ISO 27001 ISO 27005 Risk assessment Risk management Security assessment Vulnerabilities

Perks/benefits: Flex hours Salary bonus

Region: Asia/Pacific
Country: Philippines

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Penetration Tester jobsInformation Systems Security Officer jobsInformation Security Officer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation System Security Officer jobsSenior Cyber Security Engineer jobsSecurity Consultant jobsSenior Network Security Engineer jobsPrincipal Security Engineer jobsIT Security Engineer jobsSenior Penetration Tester jobsSecurity Specialist jobsCyber Security Specialist jobsChief Information Security Officer jobsSenior Information Security Analyst jobsCloud Security Architect jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCybersecurity Consultant jobsCyber Security Architect jobsIT Security Analyst jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsSenior Product Security Engineer jobs
SaaS jobsEncryption jobsSDLC jobsMalware jobsRMF jobsGDPR jobsIDS jobsEDR jobsSplunk jobsIPS jobsForensics jobsSQL jobsBash jobsTop Secret jobsITIL jobsDoDD 8570 jobsFinance jobsOWASP jobsIntrusion detection jobsDocker jobsCompTIA jobsUNIX jobsTerraform jobsCRISC jobsTCP/IP jobs
Active Directory jobsSANS jobsThreat detection jobsPolygraph jobsClearance Required jobsGIAC jobsBanking jobsOSCP jobsVPN jobsJavaScript jobsSOAR jobsAnsible jobsData Analytics jobsHIPAA jobsSOX jobsCCSP jobsArtificial Intelligence jobsSOC 2 jobsDNS jobsJira jobsMITRE ATT&CK jobsIT infrastructure jobsMachine Learning jobsCISO jobsGCIH jobs