IT Risk Management Lead

Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!

RESPONSIBILITIES

• Design, develop, implement, and maintain simplified information security risk assessment approach and framework that enable effective oversight and regular reporting including a consistent way to identify and assess risks and communicate them with relevant stakeholders.
• Conduct enterprise-wide information security assessment exercises with the concerned stakeholders
• Work with the concerned stakeholders to determine and document the top risks and critical threats.
• Ensure that security controls, checkpoints, relevant assurance processes are embedded throughout the lifecycle of information, systems, applications, products, services.
• Establish and maintain a highly skilled and equipped information security assessment team capable of providing sound consulting and advisory services to the business and operations.
• Liaise and work with process owners and other stakeholders to support conduct of security risk assessments and ensure that risk mitigation strategies are identified and implemented.
• Manage reporting, communication and documentation of the assessments conducted.
• Perform other security related assessments and reviews covering management systems, organizational controls, technical and physical security measures to ensure that safeguards are adequate to protect the business and mitigate risks.

QUALIFICATIONS

• With experience in handling Information security risk assessment of production applications including access, network, and IT infrastructure components, or equivalent work experience.
• 3+ years of work experience in Information Security, IT Security, Cybersecurity, IT Risk Management, or related role
• Outstanding communication skills with the ability to clearly articulate complex issues.
• Knowledge on PCI-DSS, ISO27001, NIST Cybersecurity Framework, Data Privacy and other information security related standards program implementation experience.
• Professional Security certifications (e.gs., CISSP, CISM, CISA)is a plus.

What We Offer

Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package