17 Security Governance jobs in the Philippines
Senior Manager, SAP Basis Security Governance
Procter & Gamble
Posted 6 days ago
Job Viewed
Job Description
Job Location
MANILA NET PARK OFFICE
Job Description
We are seeking a highly skilled and experienced professional to assume the role of Senior Manager, SAP Basis Security Governance. In this strategic position, you will support our SAP systems' "second line of defense" activities, ensuring compliance, risk management, vulnerability management, and control effectiveness across the entire SAP ecosystem, including the platform, database, and operating system. You will be responsible for establishing P&G's SAP Security Risk and Compliance Management framework, including controls monitoring and automation. Your expertise will be crucial in maintaining the integrity of our SAP landscape and supporting the organization's overall risk management framework. The SAP Security Governance Team oversees, assesses, and manages risk and compliance activities, develops and deploys the Risk and Compliance Management framework, and serves as an expert in the SAP Risk and Compliance domain.
In your role, you will govern key access management, technology controls, hardening, business continuity, resilience, and cybersecurity efforts in collaboration with the Director of SAP Security Second Line of Defense. You will play a critical role in ensuring the integrity, confidentiality, and availability of our SAP systems by governing the design and implementation of robust security measures, managing SAP vulnerabilities, and ensuring compliance with relevant regulations and standards. Additionally, you will help develop vulnerability remediation and risk management processes, help establish SAP security baseline and oversee its implementation. This role requires strategic partnerships with first line of defense teams, internal stakeholders, and external partners to design, adopt, and integrate effective controls while promoting control automation. The ideal candidate will possess in-depth working knowledge of Basis architecture, industry trends, standards, and proficiency with the latest cybersecurity tools and processes, contributing to a secure and efficient SAP environment that supports our business processes and objectives.
Job Responsibilities
+ Provide technical governance and is responsible for reviewing and further evolving best practices, polices, standards, framework, guidelines and approach
+ Contributes to IT project governance reviews and provides the necessary application governance in support of our standards
+ Support the SAP Security Strategy and Governance Framework on an operational level, acting as both a controls framework specialist and control monitoring / automation tool specialist, supporting security related tasks across lines of defense
+ Support the development, deployment, and continuous improvement of SAP risk management strategies and frameworks.
+ Enforce compliance with relevant industry standards, regulations, and internal IT policies related to SAP systems.
+ Work closely with internal audit teams to ensure SAP-related audits are conducted effectively and timely, addressing any findings or deficiencies.
+ Design and implement robust control frameworks for SAP processes, collaborating with process owners and IT teams to ensure controls are practical and effective.
+ Deliver and maintain incident response plans for SAP systems, ensuring the organization is prepared to address potential security breaches or operational disruptions.
+ Establish proper governance to control and proactively spot problems, vulnerabilities, and changes in the underlying systems' risk profile.
+ Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced.
+ Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture.
+ Identify threats, risks, vulnerabilities, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations.
+ Stay up to date with SAP security trends, patches, and vulnerabilities to ensure the protection of SAP environments.
+ Recommend improvements to security policies, role configurations, and user access processes.
+ Foster strong working relationships with various customers, including IT, finance, legal, compliance, and external auditors, to align SAP second line of defense activities with broader organizational objectives.
+ Support Director of SAP Security Governance: Risk and Compliance Management and be a part of a high-performing team responsible for SAP risk management, controls, and compliance activities.
+ Support Director of SAP Security Governance: Risk and Compliance Management communicate risks and outages up to management and across lines of defense for remediation.
Job Qualifications
Required
+ Bachelor's degree in business, Information Systems, or a related field
+ Extensive experience (5+ years) in Audit, risk management, internal controls, compliance, or a related field, focusing on SAP systems.
+ Extensive and broad-based experience and expertise with all stacks of SAP infrastructure and Application stack with demonstrated understanding of SAP Security, Risk, and compliance control within a large and diverse enterprise environment or business community.
+ Knowledge of SAP Automation Tools such as; SAP Focus Run, SAP Solution Manager, Security Weaver, Security Bridge.
+ Solid understanding of SAP processes, modules, and configurations, including ECC, S/4HANA, BTP, SAP Platform Basis, HANA DB, Integration, OS, and related technologies.
+ Proficient in SAP security administration, encompassing OS and HANA database environments, including knowledge of authorization concepts, deployment, and implentation of security controls, conducting audits and vulnerability assessments, alignment to standard methodologies, user management, fix, collaboration with multi-functional teams, and risk mitigation.
Preferred
+ Master's degree preferred in business, Information Systems, or a related field.
+ Ideally, knowledge of the P&G information security framework and the SAP Enterprise Security Control Framework
+ Demonstrable record of accomplishment of leading and managing multi-functional teams, fostering collaboration, and achieving results.
+ Identifying key risks and controls, knowledge of Sarbanes Oxley readiness controls optimization, and configuring controls around security, business process, and within the GRC modules.
+ Knowledge of IT SAP security tools such as code scanners, GRC tools, or tools for SAP SoD monitoring.
+ Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), SAP HANATEC or equivalent are a plus. Experience in working with regulatory requirements and industry standards (e.g., SOX, GDPR) about SAP systems.
+ Knowledge of the NIST cybersecurity framework.
+ Traditional/waterfall and agile project management skills, strong analytical and problem-solving abilities, with keen attention to detail
+ Leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
About us
We produce globally recognized brands and we grow the best business leaders in the industry. With a portfolio of trusted brands as diverse as ours, it is paramount our leaders are able to lead with courage the vast array of brands, categories and functions. We serve consumers around the world with one of the strongest portfolios of trusted, quality, leadership brands, including Always®, Ariel®, Gillette®, Head & Shoulders®, Herbal Essences®, Oral-B®, Pampers®, Pantene®, Tampax® and more. Our community includes operations in approximately 70 countries worldwide.
Visit to know more.
We are an equal opportunity employer and value diversity at our company. We do not discriminate against individuals on the basis of race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, HIV/AIDS status, or any other legally protected factor.
Job Schedule
Full time
Job Number
R000128020
Job Segmentation
Experienced Professionals (Job Segmentation)
MANILA NET PARK OFFICE
Job Description
We are seeking a highly skilled and experienced professional to assume the role of Senior Manager, SAP Basis Security Governance. In this strategic position, you will support our SAP systems' "second line of defense" activities, ensuring compliance, risk management, vulnerability management, and control effectiveness across the entire SAP ecosystem, including the platform, database, and operating system. You will be responsible for establishing P&G's SAP Security Risk and Compliance Management framework, including controls monitoring and automation. Your expertise will be crucial in maintaining the integrity of our SAP landscape and supporting the organization's overall risk management framework. The SAP Security Governance Team oversees, assesses, and manages risk and compliance activities, develops and deploys the Risk and Compliance Management framework, and serves as an expert in the SAP Risk and Compliance domain.
In your role, you will govern key access management, technology controls, hardening, business continuity, resilience, and cybersecurity efforts in collaboration with the Director of SAP Security Second Line of Defense. You will play a critical role in ensuring the integrity, confidentiality, and availability of our SAP systems by governing the design and implementation of robust security measures, managing SAP vulnerabilities, and ensuring compliance with relevant regulations and standards. Additionally, you will help develop vulnerability remediation and risk management processes, help establish SAP security baseline and oversee its implementation. This role requires strategic partnerships with first line of defense teams, internal stakeholders, and external partners to design, adopt, and integrate effective controls while promoting control automation. The ideal candidate will possess in-depth working knowledge of Basis architecture, industry trends, standards, and proficiency with the latest cybersecurity tools and processes, contributing to a secure and efficient SAP environment that supports our business processes and objectives.
Job Responsibilities
+ Provide technical governance and is responsible for reviewing and further evolving best practices, polices, standards, framework, guidelines and approach
+ Contributes to IT project governance reviews and provides the necessary application governance in support of our standards
+ Support the SAP Security Strategy and Governance Framework on an operational level, acting as both a controls framework specialist and control monitoring / automation tool specialist, supporting security related tasks across lines of defense
+ Support the development, deployment, and continuous improvement of SAP risk management strategies and frameworks.
+ Enforce compliance with relevant industry standards, regulations, and internal IT policies related to SAP systems.
+ Work closely with internal audit teams to ensure SAP-related audits are conducted effectively and timely, addressing any findings or deficiencies.
+ Design and implement robust control frameworks for SAP processes, collaborating with process owners and IT teams to ensure controls are practical and effective.
+ Deliver and maintain incident response plans for SAP systems, ensuring the organization is prepared to address potential security breaches or operational disruptions.
+ Establish proper governance to control and proactively spot problems, vulnerabilities, and changes in the underlying systems' risk profile.
+ Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced.
+ Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture.
+ Identify threats, risks, vulnerabilities, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations.
+ Stay up to date with SAP security trends, patches, and vulnerabilities to ensure the protection of SAP environments.
+ Recommend improvements to security policies, role configurations, and user access processes.
+ Foster strong working relationships with various customers, including IT, finance, legal, compliance, and external auditors, to align SAP second line of defense activities with broader organizational objectives.
+ Support Director of SAP Security Governance: Risk and Compliance Management and be a part of a high-performing team responsible for SAP risk management, controls, and compliance activities.
+ Support Director of SAP Security Governance: Risk and Compliance Management communicate risks and outages up to management and across lines of defense for remediation.
Job Qualifications
Required
+ Bachelor's degree in business, Information Systems, or a related field
+ Extensive experience (5+ years) in Audit, risk management, internal controls, compliance, or a related field, focusing on SAP systems.
+ Extensive and broad-based experience and expertise with all stacks of SAP infrastructure and Application stack with demonstrated understanding of SAP Security, Risk, and compliance control within a large and diverse enterprise environment or business community.
+ Knowledge of SAP Automation Tools such as; SAP Focus Run, SAP Solution Manager, Security Weaver, Security Bridge.
+ Solid understanding of SAP processes, modules, and configurations, including ECC, S/4HANA, BTP, SAP Platform Basis, HANA DB, Integration, OS, and related technologies.
+ Proficient in SAP security administration, encompassing OS and HANA database environments, including knowledge of authorization concepts, deployment, and implentation of security controls, conducting audits and vulnerability assessments, alignment to standard methodologies, user management, fix, collaboration with multi-functional teams, and risk mitigation.
Preferred
+ Master's degree preferred in business, Information Systems, or a related field.
+ Ideally, knowledge of the P&G information security framework and the SAP Enterprise Security Control Framework
+ Demonstrable record of accomplishment of leading and managing multi-functional teams, fostering collaboration, and achieving results.
+ Identifying key risks and controls, knowledge of Sarbanes Oxley readiness controls optimization, and configuring controls around security, business process, and within the GRC modules.
+ Knowledge of IT SAP security tools such as code scanners, GRC tools, or tools for SAP SoD monitoring.
+ Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), SAP HANATEC or equivalent are a plus. Experience in working with regulatory requirements and industry standards (e.g., SOX, GDPR) about SAP systems.
+ Knowledge of the NIST cybersecurity framework.
+ Traditional/waterfall and agile project management skills, strong analytical and problem-solving abilities, with keen attention to detail
+ Leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
About us
We produce globally recognized brands and we grow the best business leaders in the industry. With a portfolio of trusted brands as diverse as ours, it is paramount our leaders are able to lead with courage the vast array of brands, categories and functions. We serve consumers around the world with one of the strongest portfolios of trusted, quality, leadership brands, including Always®, Ariel®, Gillette®, Head & Shoulders®, Herbal Essences®, Oral-B®, Pampers®, Pantene®, Tampax® and more. Our community includes operations in approximately 70 countries worldwide.
Visit to know more.
We are an equal opportunity employer and value diversity at our company. We do not discriminate against individuals on the basis of race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, HIV/AIDS status, or any other legally protected factor.
Job Schedule
Full time
Job Number
R000128020
Job Segmentation
Experienced Professionals (Job Segmentation)
This advertiser has chosen not to accept applicants from your region.
0
Information Security Auditor
AECOM
Posted 4 days ago
Job Viewed
Job Description
**Company Description**
**Work with Us. Change the World.**
At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.
There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.
We're one global team driven by our common purpose to deliver a better world. Join us.
**Job Description**
**Job Brief**
The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company's systems of internal controls that guide company activities toward accomplishing key business objectives.
**Duties and Responsibilities**
+ Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
+ Perform test of design and operating effectiveness of controls
+ Effectively communicate audit results to management
+ Work with stakeholders to develop actions plans that address root cause of findings
+ Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
+ Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
+ Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
+ Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
+ Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.
**Qualifications**
**Minimum Requirements**
+ Bachelor's degree in management information systems, computer science, accounting, finance, or other IT related fields is required
+ 2-4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
+ Must have strong verbal and written communication skills; fluency in English is required
+ Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
+ Ability to travel up to 30% including international travel (valid passport required)
+ Professional certifications (e.g., CIA, CISA, CISSP) are preferred
**Additional Information**
Shift schedule: Morning shift (9AM to 6PM)
**About AECOM**
AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients' complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle - from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.
**What makes AECOM a great place to work**
You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you'll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you've always envisioned. Here, you'll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
**ReqID:** J10134928
**Business Line:** Geography OH
**Business Group:** DCS
**Strategic Business Unit:** GBS
**Career Area:** Finance
**Work Location Model:** Hybrid
**Legal Entity:** AECOM Global Business Services - Philippines ROHQ
**Work with Us. Change the World.**
At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world's most complex challenges and build legacies for future generations.
There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.
We're one global team driven by our common purpose to deliver a better world. Join us.
**Job Description**
**Job Brief**
The primary function is to perform advisory and assurance projects of Audit Services Group (ASG) focused on IT, information security and data privacy risks. ASG is responsible for evaluating the adequacy and effectiveness of the company's systems of internal controls that guide company activities toward accomplishing key business objectives.
**Duties and Responsibilities**
+ Participate in planning, scoping and execution of risk-based IT, information security, and data privacy assurance and advisory projects in accordance with the Institute of Internal Auditors (IIA) and ASG standards
+ Perform test of design and operating effectiveness of controls
+ Effectively communicate audit results to management
+ Work with stakeholders to develop actions plans that address root cause of findings
+ Anticipate the impact of new technologies and strategic initiatives of the Company on its information security and privacy risk profile
+ Demonstrate up-to-date knowledge in information security and privacy and apply this to the development, execution and improvement of audit programs and recommendations
+ Develop and maintain productive working relationships with stakeholders, while maintaining independence and objectivity.
+ Contribute to various department initiatives to streamline processes, improve stakeholder experience, and increase productivity.
+ Contribute specialized expertise to different assigned projects and may provide key updates to Project Lead and Manager.
**Qualifications**
**Minimum Requirements**
+ Bachelor's degree in management information systems, computer science, accounting, finance, or other IT related fields is required
+ 2-4 years of IT auditing, technology, information security, privacy or other relevant work experience is required
+ Must have strong verbal and written communication skills; fluency in English is required
+ Knowledge of auditing cloud services, encryption technology, mobile technology, application security, software development methodologies, and common security frameworks preferred
+ Ability to travel up to 30% including international travel (valid passport required)
+ Professional certifications (e.g., CIA, CISA, CISSP) are preferred
**Additional Information**
Shift schedule: Morning shift (9AM to 6PM)
**About AECOM**
AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan.
AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients' complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle - from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2024. Learn more at aecom.com.
**What makes AECOM a great place to work**
You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you'll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you've always envisioned. Here, you'll find a welcoming workplace built on respect, collaboration and community - where you have the freedom to grow in a world of opportunity.
As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.
**ReqID:** J10134928
**Business Line:** Geography OH
**Business Group:** DCS
**Strategic Business Unit:** GBS
**Career Area:** Finance
**Work Location Model:** Hybrid
**Legal Entity:** AECOM Global Business Services - Philippines ROHQ
This advertiser has chosen not to accept applicants from your region.
1
Information Security Architect (Hybrid)
Blaseek
Posted 7 days ago
Job Viewed
Job Description
Position Overview:
As a Security Architect, you will engage across various domains within information security, focusing on: br>Evaluating and auditing existing security controls and solutions.
Designing and implementing new security measures.
Providing expert counsel within the department and beyond.
Assisting in the design and optimization of our SIEM/MDR solutions.
Conducting risk assessments for infrastructure, applications, and vendors.
Qualifications:
Bachelor's degree in any field; degrees in Information Security, Computer Science, or Software Engineering preferred but not mandatory.
Certifications such as Azure Architect, Azure Security, OSCP, OSEP, CISSP, Security+, ISO 27001, CISM, or CRISC are advantageous but not required.
Excellent English communication skills.
Knowledge in areas such as:
Risk Management
Third-Party Risk Management
Control Management
Security Frameworks (ISO 27001/27002/27005, NIST 800-53, NIST CSF)
Policy and Procedure Development
Infrastructure and Cloud Security (Azure)
MDR/SIEM/Log Analytics
Incident Response
Vulnerability and Penetration Testing
Identity and Access Management (IAM)
Technical Security and Risk Assessments
Disaster Recovery Planning
Willingness to engage with the CISO on professional matters.
As a Security Architect, you will engage across various domains within information security, focusing on: br>Evaluating and auditing existing security controls and solutions.
Designing and implementing new security measures.
Providing expert counsel within the department and beyond.
Assisting in the design and optimization of our SIEM/MDR solutions.
Conducting risk assessments for infrastructure, applications, and vendors.
Qualifications:
Bachelor's degree in any field; degrees in Information Security, Computer Science, or Software Engineering preferred but not mandatory.
Certifications such as Azure Architect, Azure Security, OSCP, OSEP, CISSP, Security+, ISO 27001, CISM, or CRISC are advantageous but not required.
Excellent English communication skills.
Knowledge in areas such as:
Risk Management
Third-Party Risk Management
Control Management
Security Frameworks (ISO 27001/27002/27005, NIST 800-53, NIST CSF)
Policy and Procedure Development
Infrastructure and Cloud Security (Azure)
MDR/SIEM/Log Analytics
Incident Response
Vulnerability and Penetration Testing
Identity and Access Management (IAM)
Technical Security and Risk Assessments
Disaster Recovery Planning
Willingness to engage with the CISO on professional matters.
This advertiser has chosen not to accept applicants from your region.
2
Information Security Analyst II
Manila, Metropolitan Manila
RELX INC
Posted 20 days ago
Job Viewed
Job Description
Job Scope:
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
To manage all RX security assessments and play a key part in ensuring RX's security compliance optimization. Monitor assessments while ensuring that Reed Exhibitions internal systems are compliant with RELX and industry standards. Proactively manage the third-party risk assessments, compliance evidence gathering of their IT services, infrastructure, applications and relevant services against their Security policies and related frameworks. Training and development will be provided in all areas of the role as required.
Key Responsibilities:
Security Assessment Management
+ Serve as an advanced technical advisor for third-party assessments, providing detailed security insights and solutions.
+ Perform in-depth security reviews and risk assessments for new and existing third-party vendors, ensuring compliance with organizational and regulatory requirements.
+ Demonstrate advanced knowledge in RELX security compliance policies and procedures.
+ Stay current with updates and developments in security standards such as OWASP Top 10, ISO27001, and SOC 2, and ensure their proper implementation across the organization.
+ Develop and deliver training and awareness on security policies and standards to business units.
+ Gain in-depth knowledge of the organization's major infrastructure security controls, ensuring they align with RELX Policies and Standards, industry best practices, and regulatory requirements.
+ Coordinate with technology/service owners and business owners to conduct annual security audits, vulnerability assessments, and penetration tests where applicable.
+ Work collaboratively within all business areas and key stakeholders to ensure the review and approach of all security governance, risk, and compliance scope is appropriate and proactive.
+ Ensure continuous monitoring and reporting of compliance and risk status against NIST2.0, RELX Framework, ISO27001, SOC2, PCI DSS, regional and global regulations, and all other relevant standards.
+ Support internal and external audits by providing detailed documentation and evidence of security controls and practices.
+ Perform RX Business Unit and Third-Party security audits according to the CISO office strategic plan and produce detailed documentation and evidence against security controls and practices tested.
+ Act as a point of escalation for security-related incidents, providing advanced security support and guidance to Level I Analysts and other team members.
+ Provide regular updates and at least monthly metric reports to senior management on security compliance and risk posture.
+ Escalation of high impact security issues to Security Compliance Manager.
Ideal candidate profile:
Technical Skills:
+ Bachelor's Degree holder.
+ Background in IT, compliance, and/or information security.
+ Ability to work across all levels of seniority within business teams to drive a working partnership.
+ Strong analytical and critical thinking skills.
+ Understanding of industry standards for IT security (e.g., ISO27001/2, SOC 2, PCI DSS).
+ Basic understanding of IT security applications (e.g., firewalls, intrusion detection, virus protection).
+ Understanding of IT security testing and vulnerability management, and Threat Modeling.
+ Understanding in Cloud Environment (e.g., AWS, Azure or GCP)
+ Understanding of Service Level Management.
+ Desired understanding of OneTrust portal or Similar.
+ With CompTIA Security+ or Similar or Higher.
Personal Skills:
+ Ability to work across all levels of seniority within the organization and suppliers to drive a working partnership.
+ Good communication skills at all levels, both oral and written.
+ Good interpersonal skills.
+ Ability to produce effective influence and persuasive arguments in support of security assessment process goals.
+ Highly driven and self-motivated individuals.
+ Skilled in project management and able to work independently in a fast-paced environment.
We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1- .
Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here .
Please read our Candidate Privacy Policy .
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.
USA Job Seekers:
EEO Know Your Rights .
RELX is a global provider of information-based analytics and decision tools for professional and business customers, enabling them to make better decisions, get better results and be more productive.
Our purpose is to benefit society by developing products that help researchers advance scientific knowledge; doctors and nurses improve the lives of patients; lawyers promote the rule of law and achieve justice and fair results for their clients; businesses and governments prevent fraud; consumers access financial services and get fair prices on insurance; and customers learn about markets and complete transactions.
Our purpose guides our actions beyond the products that we develop. It defines us as a company. Every day across RELX our employees are inspired to undertake initiatives that make unique contributions to society and the communities in which we operate.
This advertiser has chosen not to accept applicants from your region.
3
Chief Information Security Officer (CISO)
1631 Taguig, National Capital Region
Career Connect
Posted 15 days ago
Job Viewed
Job Description
Job Overview: The Chief Information Security Officer works with other executives across different departments to design security systems and assets. The CISO’s main responsibility is creating and implementing an information security program that is designed to protect enterprise communications, systems, and assets from any potential threats. He/She will ensure compliance to legal security practices.Job Description: ● Define and own a multi-year cybersecurity roadmap and key performance indicators focused on reducing cyber risk ● Build and inspire a highly skilled and diverse Cybersecurity team. Foster a culture of trusted cross-functional partnership, service, and continuous improvement ● Create quarterly, annual, and long-term cyber security and cyber risk management goals, articulate strategies, define metrics and provide necessary updates to executive leadership ● Partner with leadership for the development, planning, and execution of major security initiatives. Support Secure Software Development Lifecycle ● Collaborate with the SOC team and ISO 27001 Core team to establish appropriate security standards and provide an effective governance structure to ensure cyber compliance and accountability ● Lead Security Incident Response, Third Party Information Security Assessment, Data Protection and Encryption, ● Identity & Access Management and Privileged User Access to protect customer and employee data ● Define cyber security governance and control strategies for emerging technologies such as cloud & containerization, blockchain, etc. ● Keep well informed of developing security threats, and proactively create strategies to understand and mitigate potential security problems that might arise from acquisitions or other big business moves ● Other job-related activities may be assigned from time to time.RequirementsRequirements: ● Education – At least graduate with a Bachelor’s Degree in IT, Computer Science, Engineering, or any related course. ● Related Work Experience - Key Industry certifications in Information Security, such as CISSP, CISM and CISA ● Knowledge – Knowledgeable in security and operations processes. ● 15+ years of experience in Information/Cybersecurity in a public or large private technology company with a global customer base ● 7+ years people management experience with hands-on experience building diverse teams while promoting an inclusive organization ● A demonstrated knowledge of information security standards (e.g., NIST, ISO-27001), rules and regulations related to information security and data confidentiality (e.g., PCI, NIST, NSA) and other various security standards and policies ● A strong understanding of Cloud Security Mode and key principles, such as CSPs Shared Responsibility Models, Security and Infrastructure as Code, Preventive/Reactive Guardrails, Containerization, Server-less Computing, Continuous monitoring/drift detection, and the importance of end-to-end automation ● Strong interpersonal and communication skills with the ability to influence at all levels of the organization, while being able to simplify complex topics for understanding and critical decision making by Executive Management and the Board ● Ability to understand not only emerging industry trends as far as cyber security is concerned but also the landscape of emerging threats, making appropriate adjustments within the cybersecurity program
This advertiser has chosen not to accept applicants from your region.
4
Risk Management Staff
National Capital Region, National Capital Region
MEC Networks Corp.
Posted 20 days ago
Job Viewed
Job Description
About Us:
MEC is a leading organization in Technology. We are committed to excellence and the continuous improvement of our risk management processes to protect our assets, reputation, and financial standing. We are looking for a detail-oriented and highly organized Risk Management Staff to join our team. br>
Job Description:
We are seeking a proactive and responsible Risk Management Staff to provide essential support in identifying, assessing, and managing various business risks. This role will involve assisting with the development and execution of risk management strategies to minimize potential liabilities and ensure the organization operates smoothly and securely.
Key Responsibilities:
• Assist in conducting risk assessments and evaluations across various departments and projects. < r>• nsure implementation of the internal audit program. < r>• S pport the development, implementation, and maintenance of risk management policies and procedures. < r>• E ecute monthly/quarterly operational audits. < r>• M nitor and record progress of process cases reported and ensure compliance with regulatory requirements accordingly. < r>• A sist in the annual ISO accreditation and compliances of the company < r>• A alyze risk data and provide insights for improving risk mitigation strategies. < r>• P epare and maintain risk reports, tracking potential and existing risks. < r>• A sist with the preparation of documentation for internal audits program and risk management reviews to contribute for process enhancement. < r>• P ovide administrative and logistical support services to assist in business and operational functions < r>• S pport in all audit activities, process enhancements, data management and analysis < r>• H lp and support the Risk Management team in all other ad hoc tasks that the Audit Team is assigned to. < r>
Qualifications:
• E ucation: Bachelor's degree in any Business Course required. < r>• E perience: Minimum of 2-year experience in a Business Process or Employee-facing role is preferred. < r>• S ills: Strong business acumen advanced Excel skills, keen analytical abilities, high aptitude for problem-solving and organizational skills < r>• H s time management, with sharp and unyielding attention to detail, knowledgeable in basic accounting concepts. < r>• S rong and clear communication skills, both written and verbal. And has strong drive for excellence. < r>• A ility to work independently and as part of a team in a fast-paced environment.
MEC is a leading organization in Technology. We are committed to excellence and the continuous improvement of our risk management processes to protect our assets, reputation, and financial standing. We are looking for a detail-oriented and highly organized Risk Management Staff to join our team. br>
Job Description:
We are seeking a proactive and responsible Risk Management Staff to provide essential support in identifying, assessing, and managing various business risks. This role will involve assisting with the development and execution of risk management strategies to minimize potential liabilities and ensure the organization operates smoothly and securely.
Key Responsibilities:
• Assist in conducting risk assessments and evaluations across various departments and projects. < r>• nsure implementation of the internal audit program. < r>• S pport the development, implementation, and maintenance of risk management policies and procedures. < r>• E ecute monthly/quarterly operational audits. < r>• M nitor and record progress of process cases reported and ensure compliance with regulatory requirements accordingly. < r>• A sist in the annual ISO accreditation and compliances of the company < r>• A alyze risk data and provide insights for improving risk mitigation strategies. < r>• P epare and maintain risk reports, tracking potential and existing risks. < r>• A sist with the preparation of documentation for internal audits program and risk management reviews to contribute for process enhancement. < r>• P ovide administrative and logistical support services to assist in business and operational functions < r>• S pport in all audit activities, process enhancements, data management and analysis < r>• H lp and support the Risk Management team in all other ad hoc tasks that the Audit Team is assigned to. < r>
Qualifications:
• E ucation: Bachelor's degree in any Business Course required. < r>• E perience: Minimum of 2-year experience in a Business Process or Employee-facing role is preferred. < r>• S ills: Strong business acumen advanced Excel skills, keen analytical abilities, high aptitude for problem-solving and organizational skills < r>• H s time management, with sharp and unyielding attention to detail, knowledgeable in basic accounting concepts. < r>• S rong and clear communication skills, both written and verbal. And has strong drive for excellence. < r>• A ility to work independently and as part of a team in a fast-paced environment.
This advertiser has chosen not to accept applicants from your region.
5
Compliance Analyst, Risk Management
Parañaque, National Capital Region
J&J Family of Companies
Posted 6 days ago
Job Viewed
Job Description
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at Function:**
Finance
**Job Sub** **Function:**
Risk Management
**Job Category:**
Professional
**All Job Posting Locations:**
Paranaque, National Capital Region (Manila), Philippines
**Job Description:**
Assists with the administration of Risk Management processes.
Conduct processes for compliance with SOPs and SOx compliance with appropriate supervision by manager and senior director.
Execute financial transactions with direction and oversight by manager for expenses and premiums.
Conducts collection of data from other departments and external TPAs, brokers, and insurers and prepare submissions for the placement of property and casualty insurance programs.
Day to day handling of property and casualty claims working with legal department, occupational health, and insurers both in and outside the US.
Maintain claims and other data essential to the operations of $4B captive insurance company.
Assist manager and senior director in contract reviews and M&A Due Diligence
Assists in providing data for internal or external audits or regulatory examinations.
Understands and applies Johnson & Johnson's Credo and Leadership Imperatives in day-to-day interactions with team.
This job does not require any experience. This job is overtime eligible.
Finance
**Job Sub** **Function:**
Risk Management
**Job Category:**
Professional
**All Job Posting Locations:**
Paranaque, National Capital Region (Manila), Philippines
**Job Description:**
Assists with the administration of Risk Management processes.
Conduct processes for compliance with SOPs and SOx compliance with appropriate supervision by manager and senior director.
Execute financial transactions with direction and oversight by manager for expenses and premiums.
Conducts collection of data from other departments and external TPAs, brokers, and insurers and prepare submissions for the placement of property and casualty insurance programs.
Day to day handling of property and casualty claims working with legal department, occupational health, and insurers both in and outside the US.
Maintain claims and other data essential to the operations of $4B captive insurance company.
Assist manager and senior director in contract reviews and M&A Due Diligence
Assists in providing data for internal or external audits or regulatory examinations.
Understands and applies Johnson & Johnson's Credo and Leadership Imperatives in day-to-day interactions with team.
This job does not require any experience. This job is overtime eligible.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Security governance Jobs in Philippines !
6
Manager Information Risk Management
Manulife
Posted 10 days ago
Job Viewed
Job Description
The **Manager, Information Risk Management** is responsible for supporting the Directors within the team in the delivery of the 2nd Line of Defense risk oversight program across North America. The incumbent will serve as or has the foundation to become a Subject Matter Expert on information security, technology risk, and business continuity and disaster recovery management within the North America IRM team.
**Position Responsibilities:**
+ Support the directors on delivering the 2nd line information risk oversight and challenge program to the U.S. and Canadian Segments while enabling the Segments' L1 teams to manage their information risks efficiently and effectively. The L2 program covers key initiatives, high risk third parties, business continuity and disaster recovery, severe incidents and loss events, risk exceptions, issues and CAPs, Risk and Control Self Assessments (RCSAs), etc.
+ Promote a strong information risk culture and diversity, equity and inclusive values.
+ Stay abreast of new regulations, laws and requirements for information security, cybersecurity, information protection and privacy across jurisdictions.
+ Maintain and foster relationships with internal customers and risk partners.
**Required Qualifications:**
+ Minimum of 6 years of experience in risk and control space, specifically in the areas of Information Security, Business Resiliency, and Technology Risk
+ Expertise and prior experience in various aspects of security and information risk management (2nd line of defense preferred)
+ Strong communication skills and ability to explain highly technical concepts to non-technologists including business executives
+ Familiarity with IT and security, programming/coding and/or IT compliance
**Preferred Qualifications:**
+ Recognized professional designations in Information Security, Audit and Business Continuity (e.g. CISSP, CISA, CISM, CRISC, CSSLP, MBCP)
+ Results driven: Timely delivery with high quality
+ Strong time management and organizational skills to manage multiple tasks and changing priorities
+ Strong and effective communication
+ Ability to develop and maintain strong relationships
+ Ability to influence without authority
+ Strong team player with a collaborative approach
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
**Position Responsibilities:**
+ Support the directors on delivering the 2nd line information risk oversight and challenge program to the U.S. and Canadian Segments while enabling the Segments' L1 teams to manage their information risks efficiently and effectively. The L2 program covers key initiatives, high risk third parties, business continuity and disaster recovery, severe incidents and loss events, risk exceptions, issues and CAPs, Risk and Control Self Assessments (RCSAs), etc.
+ Promote a strong information risk culture and diversity, equity and inclusive values.
+ Stay abreast of new regulations, laws and requirements for information security, cybersecurity, information protection and privacy across jurisdictions.
+ Maintain and foster relationships with internal customers and risk partners.
**Required Qualifications:**
+ Minimum of 6 years of experience in risk and control space, specifically in the areas of Information Security, Business Resiliency, and Technology Risk
+ Expertise and prior experience in various aspects of security and information risk management (2nd line of defense preferred)
+ Strong communication skills and ability to explain highly technical concepts to non-technologists including business executives
+ Familiarity with IT and security, programming/coding and/or IT compliance
**Preferred Qualifications:**
+ Recognized professional designations in Information Security, Audit and Business Continuity (e.g. CISSP, CISA, CISM, CRISC, CSSLP, MBCP)
+ Results driven: Timely delivery with high quality
+ Strong time management and organizational skills to manage multiple tasks and changing priorities
+ Strong and effective communication
+ Ability to develop and maintain strong relationships
+ Ability to influence without authority
+ Strong team player with a collaborative approach
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
This advertiser has chosen not to accept applicants from your region.
7
Manager, Information Risk Management
Manulife
Posted 19 days ago
Job Viewed
Job Description
As the **Information Risk Manager** , you will work closely with different lines of defense to bolster our information risk management processes. You'll focus on evolving our assurance practices, standardizing procedures, and ensuring compliance with global information risk management standards.
**Position Responsibilities:**
+ Lead the development and refinement of the framework for reporting the organization's risk posture.
+ Manage and perform scenario analyses to evaluate the impact of changes to the risk management framework.
+ Oversee the design and implementation of Power BI solutions to expand and optimize risk reporting capabilities.
+ Collaborate with cross-functional teams and stakeholders to gather requirements and ensure alignment with organizational goals.
+ Ensure the accuracy, consistency, and reliability of data across all reports and dashboards.
+ Provide strategic insights and actionable recommendations based on risk data analysis to inform decision-making.
+ Support the development and maintenance of the global Information Risk Management policies, standards, controls, and related risk assessment, oversight and assurance processes.
+ Support the standardization of information risk management activities by designing and/or researching best practices related to Information Risk Management assessment processes and tools.
+ Mentor and develop team members, fostering a culture of continuous improvement and professional growth.
+ Stay abreast of industry trends, best practices, and technological advancements in information risk management and data reporting.
+ Assist in developing the Information Risk Analysis strategy and framework.
+ Responsible for finding opportunities to improve data quality alignment across all functions/segments.
+ Proactively communicate reporting modifications and process changes to contributors based on senior management requests and personal observations.
**Required Qualifications:**
+ University Degree in Technology, Business, Risk Management, Auditing, or related field. A master's degree or relevant professional certification is a plus.
+ Minimum of 7 years of experience in Microsoft Excel and Power BI, with a track record of designing complex reports and dashboards.
+ Expertise in controls, IT risk management, data analysis, metrics design/development and reporting for risk function, preferably in the financial services industry
+ Strong analytical, problem-solving, and decision-making skills, with a keen attention to detail.
+ Excellent leadership and communication skills, with the ability to influence and engage stakeholders at all levels.
+ Familiarity with risk management principles, frameworks, and methodologies.
+ Ability to Independently undertake projects of an intricate nature and ad-hoc requests as required.
+ Proven experience in a management role within information risk management or a related field.
**Preferred Qualifications:**
+ Experience with data visualization and business intelligence tools.
+ Knowledge of database management, SQL, and data governance.
+ Strong organizational and project management skills, with the ability to manage multiple priorities.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
**Position Responsibilities:**
+ Lead the development and refinement of the framework for reporting the organization's risk posture.
+ Manage and perform scenario analyses to evaluate the impact of changes to the risk management framework.
+ Oversee the design and implementation of Power BI solutions to expand and optimize risk reporting capabilities.
+ Collaborate with cross-functional teams and stakeholders to gather requirements and ensure alignment with organizational goals.
+ Ensure the accuracy, consistency, and reliability of data across all reports and dashboards.
+ Provide strategic insights and actionable recommendations based on risk data analysis to inform decision-making.
+ Support the development and maintenance of the global Information Risk Management policies, standards, controls, and related risk assessment, oversight and assurance processes.
+ Support the standardization of information risk management activities by designing and/or researching best practices related to Information Risk Management assessment processes and tools.
+ Mentor and develop team members, fostering a culture of continuous improvement and professional growth.
+ Stay abreast of industry trends, best practices, and technological advancements in information risk management and data reporting.
+ Assist in developing the Information Risk Analysis strategy and framework.
+ Responsible for finding opportunities to improve data quality alignment across all functions/segments.
+ Proactively communicate reporting modifications and process changes to contributors based on senior management requests and personal observations.
**Required Qualifications:**
+ University Degree in Technology, Business, Risk Management, Auditing, or related field. A master's degree or relevant professional certification is a plus.
+ Minimum of 7 years of experience in Microsoft Excel and Power BI, with a track record of designing complex reports and dashboards.
+ Expertise in controls, IT risk management, data analysis, metrics design/development and reporting for risk function, preferably in the financial services industry
+ Strong analytical, problem-solving, and decision-making skills, with a keen attention to detail.
+ Excellent leadership and communication skills, with the ability to influence and engage stakeholders at all levels.
+ Familiarity with risk management principles, frameworks, and methodologies.
+ Ability to Independently undertake projects of an intricate nature and ad-hoc requests as required.
+ Proven experience in a management role within information risk management or a related field.
**Preferred Qualifications:**
+ Experience with data visualization and business intelligence tools.
+ Knowledge of database management, SQL, and data governance.
+ Strong organizational and project management skills, with the ability to manage multiple priorities.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
This advertiser has chosen not to accept applicants from your region.
8
Senior Risk Analyst, Information Risk Management
Manulife
Posted 26 days ago
Job Viewed
Job Description
We are seeking a detail-oriented **Information Risk Analyst** to join our Information Risk Management team. The successful candidate will assist in developing risk dashboards, support data governance and quality initiatives, and contribute to the evolution of our risk management framework.
**Position Responsibilities:**
+ Assist in the development and maintenance of risk dashboards to provide timely and accurate risk insights.
+ Support data governance and quality initiatives to ensure data integrity, consistency, and reliability.
+ Contribute to the analysis and assessment of framework change scenarios to evaluate potential impacts on risk management practices.
+ Collaborate in designing and implementing Power BI solutions to expand and enhance risk reporting capabilities.
+ Work with cross-functional teams to gather data requirements and ensure alignment with organizational objectives.
+ Maintain and update Excel models to support risk analysis and reporting tasks.
+ Provide analytical support and insights to help inform risk-related decision-making processes.
+ Stay updated on industry trends and best practices in information risk management and data analytics.
**Required Qualifications:**
+ **Minimum of 3 years of experience in a risk analysis or data analytics role within a corporate environment.**
+ **Expertise in controls, IT risk management, data analysis, metrics design/development and reporting for risk function, preferably in the financial services industry**
+ University Degree in Technology, Business, Risk Management, Auditing, or related field. A master's degree or relevant professional certification is a plus.
+ Proficiency in Microsoft Excel and Power BI, with the ability to develop complex reports and dashboards.
+ Strong analytical and critical thinking skills, with attention to detail and accuracy.
+ Familiarity with risk management concepts and data governance practices.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
**Position Responsibilities:**
+ Assist in the development and maintenance of risk dashboards to provide timely and accurate risk insights.
+ Support data governance and quality initiatives to ensure data integrity, consistency, and reliability.
+ Contribute to the analysis and assessment of framework change scenarios to evaluate potential impacts on risk management practices.
+ Collaborate in designing and implementing Power BI solutions to expand and enhance risk reporting capabilities.
+ Work with cross-functional teams to gather data requirements and ensure alignment with organizational objectives.
+ Maintain and update Excel models to support risk analysis and reporting tasks.
+ Provide analytical support and insights to help inform risk-related decision-making processes.
+ Stay updated on industry trends and best practices in information risk management and data analytics.
**Required Qualifications:**
+ **Minimum of 3 years of experience in a risk analysis or data analytics role within a corporate environment.**
+ **Expertise in controls, IT risk management, data analysis, metrics design/development and reporting for risk function, preferably in the financial services industry**
+ University Degree in Technology, Business, Risk Management, Auditing, or related field. A master's degree or relevant professional certification is a plus.
+ Proficiency in Microsoft Excel and Power BI, with the ability to develop complex reports and dashboards.
+ Strong analytical and critical thinking skills, with attention to detail and accuracy.
+ Familiarity with risk management concepts and data governance practices.
**_When you join our team:_**
+ We'll empower you to learn and grow the career you want.
+ We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
+ As part of our global team, we'll support you in shaping the future you want to see.
**Acerca de Manulife y John Hancock**
Manulife Financial Corporation es un importante proveedor internacional de servicios financieros que ayuda a las personas a tomar decisiones de una manera más fácil y a vivir mejor. Para obtener más información acerca de nosotros, visite .
**Manulife es un empleador que ofrece igualdad de oportunidades**
En Manulife/John Hancock, valoramos nuestra diversidad. Nos esforzamos por atraer, formar y retener una fuerza laboral tan diversa como los clientes a los que prestamos servicios, y para fomentar un entorno laboral inclusivo en el que se aprovechen las fortalezas de las culturas y las personas. Estamos comprometidos con la equidad en las contrataciones, la retención de talento, el ascenso y la remuneración, y administramos todas nuestras prácticas y programas sin discriminación por motivos de raza, ascendencia, lugar de origen, color, origen étnico, ciudadanía, religión o creencias religiosas, credo, sexo (incluyendo el embarazo y las afecciones relacionadas con este), orientación sexual, características genéticas, condición de veterano, identidad de género, expresión de género, edad, estado civil, estatus familiar, discapacidad, o cualquier otro aspecto protegido por la ley vigente.
Nuestra prioridad es eliminar las barreras para garantizar la igualdad de acceso al empleo. Un representante de Recursos Humanos trabajará con los solicitantes que requieran una adaptación razonable durante el proceso de solicitud. Toda la información que se haya compartido durante el proceso de solicitud de adaptación se almacenará y utilizará de manera congruente con las leyes y las políticas de Manulife/John Hancock correspondientes. Para solicitar una adaptación razonable en el proceso de solicitud, envíenos un mensaje a .
**Modalidades de Trabajo**
Híbrido
This advertiser has chosen not to accept applicants from your region.
9