31 Security Measures jobs in the Philippines

Conduct inventory of data processing activities and systems of the Company
- Knowledge in complying requirements and completing registration with the National Privacy Commission (NPC)
- Act as the primary point of contact within the organization for members of staff, regulators, and any relevant public bodies on issues related to data protection

**QUALIFICATIONS**:

- Minimum of 1 year experience working in data protection compliance or any related field
- Information Technology graduated or any related field
- Proficient in the use of Data Protection Software Solutions
- Can work diligently and able to discreetly handle sensitive information
- Knowledgeable on data protection law is a must (Philippine Data Privacy Act 2012)

**Salary**: Php30,000.00 - Php45,000.00 per month

Schedule:

- 8 hour shift

Ability to commute/relocate:

- San Pedro, Laguna: Reliably commute or planning to relocate before starting work (preferred)

Who we are:
br>eFlexervices is a BPO company with a legacy spanning 24 years, we've honed our craft in providing exceptional quality and building unshakable trust. At eFlex, we're not just a BPO company – we're your partners in success. Our approach is all about finding the perfect match between talent and the organizations we support. We're not just investing in our work; we're investing in people, optimizing performance, and maximizing efficiency. We are all about exceptional quality and unwavering trust. < r>
What we are looking for:

Are you ready to take your expertise to the next level? At eFlexervices, we're not just hiring a Compliance Lead / Data Protection Officer – we're empowering your talent to deliver quality and performance. Join us in shaping the success and making an impact that truly matters. < r>
The Compliance Lead / Data Protection Officer (DPO) plays a crucial role in maintaining eFlex’s adherence to various regulatory and industry standards, including SOC 2, ISO 27001, HIPAA, and GDPR. This multifaceted position involves developing and executing the company's overall compliance strategy, meticulously preparing for and coordinating external audits, and guaranteeing that all contractual and regulatory obligations are consistently fulfilled. Furthermore, the Compliance Lead / DPO is at the forefront of eFlex's privacy and data protection efforts, spearheading initiatives to safeguard sensitive information and foster a culture of data security throughout the organization. < r>
What you’ll be doing: < r>
Own the compliance strategy and ensure continuous readiness for all required frameworks.
Serve as Data Protection Officer for GDPR and oversee HIPAA privacy requirements.
Manage compliance policies, procedures, and documentation.
Coordinate with auditors and ensure all evidence is collected on time.
Oversee vendor risk management and ensure compliance clauses are in place.
Monitor regulatory changes and update internal policies accordingly.
Lead cross-department coordination for compliance initiatives.
Report compliance status to executive leadership

Qualifications and Requirements:

Bachelor’s degree in Law, IT, Business, Cybersecurity or related field. < r>3+ years in compliance, audit, privacy, or information security.
Knowledge of SOC 2, ISO 27001, HIPAA, and GDPR frameworks.
Relevant security certifications such as Security+, CISA, CRISC, CISM, CISSP
Strong organizational and communication skills.
Experience with compliance automation tools preferred.
Detail-oriented, proactive, and able to influence across departments.
Capable of handling sensitive information with discretion.
Strong analytical and problem-solving skills

Benefits and Perks:

At eFlex, we're not just a workplace – we're a community of playmakers, committed to fostering growth, learning, and personal connections. Here's what's in store for you: < r>
Living Our Values: We don't just talk the talk; we walk the walk. From learning and personal growth to caring deeply about our team and clients, our values are the compass guiding our vibrant workplace.

Competitive Compensation: Your hard work deserves recognition. Enjoy a competitive salary and benefits package, including comprehensive HMO coverage and optical reimbursements.

Flexible Work Options: Work your way! If you're outside Baguio City, embrace a permanent work-from-home setup. For those within Baguio, our hybrid work model offers the best of both worlds.

Wellness Matters: Recharge and refresh! Our flexible vacation and sick leaves empower you to prioritize your well-being, ensuring a healthy work-life balance.

Pathways to Success: Your journey with us is brimming with growth opportunities. We're dedicated to nurturing your career and supporting your rise through the ranks.

Ready to embark on an enriching journey? Join the eFlex family and experience a workplace that values your individuality and success. Let's thrive together!

Our Client is a renowned Global player in the financial markets.

Position Title: Senior Associate Data Protection & Technology (EMEA/US Shift)
Compensation: USD $800,000 $1,000,000 per annum
Location: Manila, Philippines (Hybrid Minimum 3 days onsite per week)

Role Overview:

As part of the Data Protection team, this role plays a key part in ensuring that data privacy and security practices comply with global regulatory standards. The Senior Associate will contribute to enterprise-wide compliance efforts, supporting various business units and operational functions worldwide.

Key Responsibilities:

• Stay up to date with global data privacy regulations and ensure the organizations practices align with evolving requirements.

• Lead and support annual privacy audits, including data mapping exercises, Privacy Impact Assessments (PIAs), and Data Protection Impact Assessments (DPIAs).

• Manage incoming queries from the privacy inbox, providing guidance or escalating when necessary.

• Evaluate third-party vendors from a privacy and regulatory compliance perspective during onboarding processes.

• Collaborate with internal teams to identify areas of privacy risk and propose appropriate mitigation strategies, especially in relation to new technologies, cloud solutions, or special initiatives.

• Draft, update, and maintain privacy-related documentation such as policies, protocols, and internal guidelines. Support cross-functional teams in aligning broader policies (e.g., employee handbook, IT usage policies) with data privacy standards.

• Monitor changes in privacy legislation and interpret the implications for company operations and compliance.

• Assist with the rollout of annual privacy training and internal awareness campaigns.

• Support the fulfillment of Data Subject Access Requests (DSARs) and ensure efficient handling in compliance with applicable regulations.

• Contribute to regular reviews of data loss prevention measures and personal data handling procedures.

• Incorporate risk and control considerations into daily tasks, ensuring timely identification and escalation of potential issues.

• Stay informed on emerging technologies such as AI and assess their impact on data protection.

• Provide support during data breach investigations and help compile insights for reporting and analysis purposes.

• Participate in other privacy and security-related initiatives as needed.

Note: The responsibilities outlined above are not exhaustive and may evolve over time based on business needs.

Requirements:

• At least 6 years of professional experience in a related field (e.g., data privacy, audit, cybersecurity, risk management, or compliance).

• Bachelors degree preferred; equivalent professional experience considered.

• Recognized industry certifications such as CIPM, CIPP (EU, A, C, or US), or CISSP are highly desirable.

• Strong knowledge of global privacy standards and practical experience in implementing data protection frameworks.

Ready to Create an Extraordinary Caeer?
If you thrive in high-energy environments, we want to hear from you! Join a dynamic team where your ideas matter, your skills shine, and your work puts you on the global stage. 

Apply now and bring your career to life !

Follow me or DM

At SGV, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

**Consulting-TC-Cyber-Data Privacy Protection & Strategy-Associate-PH**

At SGV, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help SGV become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.

**The opportunity**

We are actively seeking to expand our Cybersecurity team to young, fresh, innovative and engaged individuals who has a passion for information security, data privacy and strategy.

**Your key responsibilities**

As a Cybersecurity professional, you’ll deliver client engagements as well as internal projects. You will help clients gain insights into their privacy and information security programs and capabilities to maintain compliance to local and global privacy regulations while building consumer trust. You will be performing consulting services to our client that will help them grow cybersecurity and privacy posture and gain competitive edge in the market.

**Skills and attributes for success**
- Stay abreast of current business and industry trends relevant to the client’s business.
- Demonstrate technical capabilities and professional knowledge. Demonstrate ability to assimilate to new knowledge.
- Comfortable working in an unstructured & complex environment requiring out of box thinking, logical reasoning
- Able to continuously add value to assigned processes and develop solutions
- Ability to keep confidential sensitive information
- Strong research and communications skills
- Ability to successfully handle multiple tasks.
- Interest in working with a culturally diverse team from around the globe to design, develop, and deploy programs and share knowledge
- Excellent relationship-building and interpersonal skills, with an inclusive approach
- Effective communicator with good written and oral presentation skills
- Team player and active listener with the ability to respond to and develop the ideas of others

**To qualify for the role, you must have**
- A Bachelor’s degree in Law, Accountancy, or in Computer Science, Management Science, Information Security, Data, Business, Ethics or in any related field.
- Solid knowledge and experience presenting using MS Power Point, Excel and Visio.
- Solid oral and written communication skills.

**What we look for**

We’re interested in intellectually curious people with a genuine passion for cybersecurity, data protection and privacy. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

**What we offer**

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

- **
Continuous learning**: You’ll develop the mindset and skills to navigate whatever comes next.
- ** Success as defined by you**: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- ** Transformative leadership**:We’ll give you the insights, coaching and confidence to be the leader the world needs.
- ** Diverse and inclusive culture**: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

**If you can demonstrate that you meet the criteria above, please contact us as soon as possible.**

**The exceptional SGV experience. It’s yours to build.**

**SGV | Building a better working world**

SGV exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

See more job openings in Banking

**CLIENT**

European Fully-Digital Bank.

**JOB DESCRIPTION**
- Defines rules and procedures for assigning the key roles for data management within the business structure
- Clarifies the roles and responsibilities for each particular role and drafts a code of conduct for the data roles
- Translates the requirements for data management into specific job duties of the key roles and all employees
- Provides guidelines and standards for implementation of the data management framework in his/her domain
- Ensures that the data management process is implemented in accordance with compliance requirements and standards for information security and data quality
- Defines internal policies for the operation of each step of the data management process
- Establishes policies and procedures to manage workflow among data roles and systems
- Clarifies and communicates rules, polices and standards for data exchange between relevant parties
- Determines the state of data capabilities in his/her domain, and hence monitoring and analysing ongoing challenges/risks and recommending possible solutions and improvements
- Based on practical experience, proposes recommendations for improvement of the metrics for monitoring, such as measurement criteria which better reflect the operational reality
- Oversees whether the Global Data Management Data Governance Manual is implemented for data content, standards and control

**JOB QUALIFICATION**
- Minimum 5 years of professional experience in a similar domain (data management, Data Warehousing)
- Knowledge of data management standards and processes
- Regulatory, Compliance and IT expertise
- Knowledge of Policy formation and experience in writing, implementing and assessing policies and standards
- Knowledge of relevant policies, e.g. Information Risk, Data Security, Data Privacy, data protection and data ethics
- Confident and highly articulate

**ACTIVE DATES**
Until June 2019

See more job openings in Banking

**CLIENT**

European Fully-Digital Bank.

**JOB DESCRIPTION**
- Defines rules and procedures for assigning the key roles for data management within the business structure
- Clarifies the roles and responsibilities for each particular role and drafts a code of conduct for the data roles
- Translates the requirements for data management into specific job duties of the key roles and all employees
- Provides guidelines and standards for implementation of the data management framework in his/her domain
- Ensures that the data management process is implemented in accordance with compliance requirements and standards for information security and data quality
- Defines internal policies for the operation of each step of the data management process
- Establishes policies and procedures to manage workflow among data roles and systems
- Clarifies and communicates rules, polices and standards for data exchange between relevant parties
- Determines the state of data capabilities in his/her domain, and hence monitoring and analysing ongoing challenges/risks and recommending possible solutions and improvements
- Based on practical experience, proposes recommendations for improvement of the metrics for monitoring, such as measurement criteria which better reflect the operational reality
- Oversees whether the Global Data Management Data Governance Manual is implemented for data content, standards and control

**JOB QUALIFICATION**
- Minimum 5 years of professional experience in a similar domain (data management, Data Warehousing)
- Knowledge of data management standards and processes
- Regulatory, Compliance and IT expertise
- Knowledge of Policy formation and experience in writing, implementing and assessing policies and standards
- Knowledge of relevant policies, e.g. Information Risk, Data Security, Data Privacy, data protection and data ethics
- Confident and highly articulate

**ACTIVE DATES**
Until June 2019

**Job Overview**:
**Responsibilities**:

- Support in the development, review, and maintenance of information security policies, procedures, and guidelines
- Analyze cybersecurity and data privacy risks by performing risk assessments and recommend mitigation controls
- Work with key personnel from other business functions on security and compliance requirements
- Analyze, collect, and follow-up audit evidence with tech and business teams
- Perform Business Impact Analysis (BIA) to support establishing BCP procedures and testing
- Determine resolution and root cause of security incidents and issues
- Advise internal stakeholders on security and data privacy matters
- Recommend improvements to process
- Support in handling of third-party audits and assessments
- Monitor and enforce compliance to policies, and strengthen awareness of employees regarding information security and data privacy
- Provide support in projects and other security endeavors from time to time

**Job Qualifications**:

- Bachelor's degree in IT or related field (e.g. Information Management, Computer Science, or equivalent; or 4 years of relevant IT experience)
- At least 2-3 years experience in the field of cybersecurity, risk and compliance, IT audit or related area
- At least 1 year working knowledge of security/risk management standards and frameworks (e.g. ISO 27001/31000, NIST CSF, CIS) or conducting risk assessments
- Excellent oral and written communication skills
- Strong analytical and problem-solving skills
- Knowledge and experience with PCIDSS preferred but not required
- Exposure to fintech industry and applicable regulations (e.g. DPA, BSP/AMLA, etc.) a plus, but not mandatory
- IT security and relevant certifications (e.g. Sec+, CEH, CPISI, ISMS-LI/A) an advantage

**KPIs/KRAs**:

- Identification of key security and data privacy risks and mitigating controls
- Execution of risk assessments, BCP testing, incident response tests
- Development and maintenance of security policies, procedures, and guidelines
- Support in attaining/retaining PCIDSS and other certifications

**Job Types**: Full-time, Permanent

**Salary**: Php20,000.00 - Php35,000.00 per month

**Benefits**:

- Additional leave
- Company Christmas gift
- Company events
- Employee discount
- Flexible schedule
- Health insurance
- Life insurance
- Opportunities for promotion
- Paid training
- Promotion to permanent employee

Schedule:

- 8 hour shift
- Day shift

Supplemental Pay:

- 13th month salary
- Overtime pay
- Performance bonus

Who we are:
br>eFlexervices is a BPO company with a legacy spanning 24 years. We've honed our craft in providing exceptional quality and building unshakable trust. At eFlex, we're not just a BPO company – we're your partners in success. Our approach is all about finding the perfect match between talent and the organizations we support. We're not just investing in our work; we're investing in people, optimizing performance, and maximizing efficiency. We are all about exceptional quality and unwavering trust. < r>
What we are looking for:

Are you ready to take your expertise to the next level? At eFlexervices, we're not just hiring a Technical Security & Compliance Analyst – we're empowering your talent to deliver quality and performance. Join us in shaping the success and making an impact that truly matters. < r>
The Technical Security & Compliance Analyst is a critical role focused on maintaining and enhancing an organization's security posture and regulatory adherence by managing technical and operational compliance activities for standards like SOC 2, ISO 27001, HIPAA, and GDPR. This involves the meticulous implementation, continuous monitoring, and thorough documentation of technical controls to protect sensitive data and systems, with all findings recorded in a compliance automation platform. The role demands a deep understanding of security frameworks, regulatory requirements, and technical infrastructure, serving as a vital link between technical and audit teams to mitigate risks, ensure data privacy, and uphold the organization's commitment to security and compliance.

What you’ll be doing: < r>
Operate and maintain the compliance automation tool (e.g., Vanta, Scytale, Secureframe).
Ensure device compliance (encryption, antivirus, MDM policies) across all endpoints.
Conduct periodic access reviews and enforce MFA.
Perform regular vulnerability scans and coordinate remediation with IT/dev teams.
Maintain secure configurations for cloud infrastructure.
Collect and upload technical evidence for audits.
Assist with incident detection, investigation, and response.
Collaborate with internal teams to close compliance gaps.

Qualifications and Requirements:

Bachelor’s degree in IT, Computer Science, Cybersecurity or related field. < r>2+ years in IT security, compliance, or systems administration.
Relevant security certifications such as Security+, CISA, CRISC, CISM, CISSP
Familiarity with SOC 2, ISO 27001, HIPAA, and GDPR preferred.
Experience with compliance or GRC tools is a plus.
Strong knowledge of endpoint, network, and cloud security.
Highly organized with strong attention to detail.
Proactive problem solver who can work independently.
Strong analytical and problem-solving skills

Benefits and Perks:

At eFlex, we're not just a workplace – we're a community of playmakers, committed to fostering growth, learning, and personal connections. Here's what's in store for you: < r>
Living Our Values: We don't just talk the talk; we walk the walk. From learning and personal growth to caring deeply about our team and clients, our values are the compass guiding our vibrant workplace.

Competitive Compensation: Your hard work deserves recognition. Enjoy a competitive salary and benefits package, including comprehensive HMO coverage and optical reimbursements.

Flexible Work Options: Work your way! If you're outside Baguio City, embrace a permanent work-from-home setup. For those within Baguio, our hybrid work model offers the best of both worlds.

Wellness Matters: Recharge and refresh! Our flexible vacation and sick leaves empower you to prioritize your well-being, ensuring a healthy work-life balance.

Pathways to Success: Your journey with us is brimming with growth opportunities. We're dedicated to nurturing your career and supporting your rise through the ranks.

Ready to embark on an enriching journey? Join the eFlex family and experience a workplace that values your individuality and success. Let's thrive together!

Responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks. Improve and communicate the maturity levels of information security, state of cybersecurity and IT risk practices across Entrego.

Key Responsibilities and Duties

Ensure standard parameters of systems and network used by Entrego is within best practices
Coordinate the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with local regulations and standards.
Develop and manage the frameworks, processes, tools, and consultancy necessary for IT to properly manage risk and to make risk-based decisions to IT activities.
Proactive identification and mitigation of IT risks as well as responding to observations identified by the third-party auditors while assisting in the development of periodic reports and presenting the level of controls compliance and current IT risk posture.
Assist Entrego with the audits and facilitate management response and remediation efforts.
Ensure overall IT compliance with regulatory requirements through proactive planning and communication, ownership, and relationships.
Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation. Provide strategic recommendation to key IT projects to help improve project results, quality of deliverables, risk optimizations security processes and compliance with regulations.
Facilitate information security management education and training including user awareness programs. Requirements

Bachelor's degree in computer science or Information management
Experience in risk, compliance, and information security policy
Knowledge of laws and regulations including but not limited to RA10173 or the Data privacy Act of 2012
Experience with development of cybersecurity educational and awareness programs
Excellent organizational and communication skills (both oral and written)
Knowledge of information security processes and controls including risk and control framework.

NIST Frameworks
ITIL v4 best practices
IT security and control best practices
Skills and Certifications that are good to have but not required:
Certification in information security
Advance knowledge in OSI framework

Responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks.