As the Risk Management Specialist, your role is vital to the success of the QCBE department and contributes to our organization’s growth and success.
DUTIES AND RESPONSIBILITIES:
Drives compliance towards the industry’s recognized frameworks and methodologies
Monitors assigned project(s) to completion through timely follow up and coordination with the stakeholders
Reviews policies & procedures and recommends improvements based on the industry’s best practices and client / stakeholder requirements
Conducts regular audit / floor sweep on the implementation of Acquire BPO's ISMS policies.
Shall act as an Information Security Awareness specialist to spearhead activities and programs increasing employee knowledge on Information Security.
Develops and drafts learning and media materials to increase employee awareness of Acquire BPO's policies.
Creates function-based ISMS trainings to ensure that staff are aware of ISMS policies and procedures.
Generates a security awareness program that meets the industry's regulations, standards and compliance requirements.
Performs testing and spot-checks on the effectiveness of Acquire BPO's ISMS policies.
Generates noncompliance reports for violation tracking and remediation.
Responsible for maintaining the "Acknowledgment Forms" platform, which hosts Acquire BPO's ISMS policies.
Provides assistance with employee inquiries about AIS, Acknowledgement Forms and the Acquire Locker Management Application.
Assists employees with compliance-related concerns.
Shall ensure that newly published policies are communicated to key staff and departments.
Works with members of management to develop and implement process improvements.
Participates in special projects assigned by the management.
SKILLS AND QUALIFICATIONS:
Analytical, applies reasoned logic to decision making and judgments, considers external / internal factors and is able to recommend solutions in complex situations
Must be organized and able to handle multiple responsibilities, priorities and tasks with minimal supervision
Sound negotiation skills, able to foster a collaborative approach to manage conflict to achieve solutions
Has familiarity with PCI DSS; CPISI Certification
Has familiarity with Risk Management based on ISO 27001 and ISO 31000
Effective communication skills.
Practical knowledge of terminologies and technologies involved in information security.
Ability to produce clear, precise and concise written materials.
Can display knowledge of different message distribution techniques and channels to ensure information can reach employees.
Highly effective interpersonal skills, tailors approach and can influence behavior
Adaptable to changing situations
Intermediate knowledge of MS Office applications, specifically Excel
Intermediate knowledge of photo editing and video editing applications.
Knowledge of audio and voice recording editing applications is an advantage.
Knowledge of different performance management frameworks and methodologies is an advantage