Security Governance & Compliance Specialist (R&D/Business)

Location: Maynila, Philippines

Thales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure.

Thales has been present in the Philippines since 2002, and continues to support the country’s big ambitions in the aerospace, defence and digital security sectors. As a committed partner to the country, Thales works closely with key Filipino partners in the areas of digital identity and security, air traffic management and defence, where its technologies and services supplied Digital Identity & Security business lie at the heart of modern life, from payment to enterprise security and the internet of things. Thales employs a workforce of close to 200 employees in the Philippines, across two facilities in Manila and Laguna.

The Security Governance & Compliance Specialist is responsible for ensuring the security of all aspects of personnel, physical and IT security at all DIS Makati R&D and Business activities as well as related topics in the region as needed. This position is also required to provide technical consultation, guidance, training and assistance to users with reference to security policy clarification and remediation, as required.

• DIS Makati Security Governance & Compliance Specialist (R&D/BU) needs to coordinate closely with Asia  
• Business Security & Compliance Manager to ensure actions/plans align with Thales DIS security roadmap and participate in security audits both internally and externally.

The role will interface with peers in Asia Security team, Asia IT Security team and with business users (R&D, GGS, Sales, Technical Consultant, etc), to share the DIS Central security vision and to solicit their involvement in achieving high levels of enterprise security through information sharing and co-operation, manage DIS R&D / Business security risks through explicit management control and meet customers’ expectations for Information Security.

Missions and Responsibilities :

At DIS Makati R&D and Business activities as well as related business security and compliance at all regional sites as needed.

• Acting in accordance with the DIS Central Security Management System and DIS Central Security Policy to manage all aspects of R&D SW Development Security, IT Security, Personnel Security and Physical Security
• Develop and maintain the Site Security Management System (SMS) to fulfill the regulatory requirements and ensure that an adequate level of security is enforced in all software development and new business activities.
• Provide vision to management and take necessary steps to measure propose thesecurity controls needed to protect information and assets as well as information that has been entrusted to Thales DIS by third parties and customers.
• Enforce implementation of Thales DIS security policies effectively identify, evaluate, monitor, report and mitigate security risks
• Enforce R&D security compliance in the area of source code management, change management and configuration management with Asia IT Security team.
• Proactively monitoring and manage physical security management system, such as Access Control System, Alarm System and CCTV system on daily basis.
• Conduct Physical & Logical security audit internally and complete corrective actions within stipulated timeline.
• Initiates, facilitates and promotes activities to raise security awareness for employees, vendors and other stakeholders as required.
• Conduct physical and logical security assessments and evaluate new security threats and assess their impacts to Thales DIS information assets.
• Ensure R&D center security level compliance with security standards from both DIS Central internal audit and external audit.
• Coordinate with Asia IT Security team and ensure that firewall rule reviews, antivirus management, vulnerability management and patch management are timely performed with systems free of “Critical” issues.
• Coordinate with Asia IT Security team and perform regular checks on R&D systems to eliminate blacklisted software and ensure compliance with Thales DIS Software Policy.
• To formulate security audit plan with Asia Regional Security Manager and perform internal audits of all Makati DIS R&D & Business activities as needed.
• Manage and coordinate with Security supplier, supervise service level and ensure the compliance with service contract.
• Liaise with contractor(s) working on security equipment and ensure the contractual conformity of their performances.

Required Education/Certificate:

• Bachelor’s Degree (IT / Security / Computer Science) or equivalent.
• Appropriate Security Qualifications or Certifications such as CISSP, CISM, CISA and/or other IT security related certification is a plus

Working Experience: 

• 3-5 Years of IT / Security Operations Experience with Physical security operations in managing access controls systems, CCTVs, alarms etc.
• Broad experience of IT going beyond individual components (hardware, software, network, etc.)
• Hands on experience in security solution implementations

Technical Skills:

• Knowledge of software development process and related risks
• Experience in implementation and monitoring security policies
• Ability to investigate and identify root cause of security incidents.
• Trainer experience is a plus.

Personnel Skills:

• Must be a self-starter, with limited supervision and be able to work effectively in a challenging business environment.
• Good analytical, presentation and reporting skills
• Possess strong self-responsibility and teamwork skills.
• Strong interpersonal and communication skills required.
• Ability to liaison and communicate with all levels of people.
• Independent, approachable and analytical; and

Language:

• Fluent in spoken and written English and regional languages if any would be an advantage.

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!