Information Security Compliance Specialist/Officer
MANDALUYONG, Philippines
5d ago

Job Description

  • Support the Security Risk Assessment methodology, policy, strategy and process
  • Perform hands-on gap and risk assessments to identify, document, and track significant information security risks associated with
  • Development
  • Information systems
  • Data centers
  • Cloud and physical IT infrastructure
  • Vendors and other third parties
  • Monitor and review IT Security controls to identify operational effectiveness
  • Map controls to policies, standards, procedures, and process to ensure compliance
  • Manage remediation efforts and track completion status of deficiencies
  • Work with other control teams and other security tools to collect and maintain security and risk information
  • Provide security consulting services to business owners and stakeholders of the entire Unilab Health Group.
  • Maintain broad knowledge of best practices and trends in the field of Information Security and other technologies relevant to systems operated by the Operations teams
  • Interface with technical teams, stakeholders and leadership teams to translate security risk mitigation plans into actionable items to mitigate risk and drive compliance.
  • Required Skills

  • Must have experience implementing or assessing security in a mixed platform environment (cloud and in-premise)
  • Extensive knowledge of security technologies and risk assessment methodologies, policies and processes
  • Desire to rapidly learn new and evolving technologies in a fast-paced environment
  • Must have at least 2 years’ experience working within the technical arena with 2 plus years of information security work experience.
  • Strong technical background in IT systems and networking in Cloud environments
  • Experience using vulnerability assessment tools and writing risk mitigation plans according to the assessment
  • Excellent analytical, evaluative, and problem-solving abilities
  • Must have demonstrated ability to collaborate with technical and non-technical teams to further the goals and mission of the Security Risk and Compliance team
  • Excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-
  • technical audiences and translate this to actionable reports that management can drive.

  • Experience with RA10173, Data Privacy Act of 2012 and CIS-CSC compliance programs as well as their technical and security requirements
  • Experience in security standards such as ISO 27001, 27002, 27005; NIST, COBIT, ITIL
  • Ability to work independently and with minimal supervision
  • A bachelor's degree in Computer Engineering, Information Technology or Computer Science or any related Engineering discipline plus certifications like CEH, CISSP, CISA is an advantage.
  • Familiarity in working in a company and driving the transformation across different subsidiaries is a plus.
  • Apply
    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form