Supports the Head of Security GRC in overseeing and executing the company's security compliance initiatives. This includes monitoring adherence to regulatory and internal policy requirements, conducting compliance audits, and liaising with internal and external stakeholders to ensure that the organization's cybersecurity posture aligns with compliance objectives.
- Defines and monitors the implementation of the organization's compliance strategy, ensuring alignment with regulatory requirements and internal policies.
- Assists in updating and maintaining the Security Service Catalog relevant to the compliance services.
- Facilitates periodic training sessions during Security Committees to raise awareness and understanding of compliance requirements.
- Maintains and drives periodic updates of the Information Asset Register across all teams.
- Responsible for capacity, resource, and budget planning for the Security team. That includes asset management and licensing for security services.
- Identifies risks specifically related to non-compliance and reports them to the Head of Security GRC.
- Supports Due Diligence Monitoring activities related to compliance.
- Creates and reports on compliance metrics and key performance indicators for IT and OT to the Head of Security GRC.
- Monitors and enforces compliance with Cyber Security Policies, Standards, Guidelines, and Procedures.
- Maintains ISMS compliance and monitors ISMS deliverables based on the ISO 27001 standard, while also creating specialized compliance dashboards.
- Manages internal and external compliance audits, including preparation, execution, and follow-up actions.
- Bachelor’s Degree or any 4-year related course.
- A Master's degree in Business or Computer Science is an advantage.
- At least 3 years’ experience in security governance, risk, compliance, or audit. Previous experience in OT environments is a plus.
- Experience leading small teams is an advantage but not required.
- Demonstrated experience in managing compliance-related projects.
- Professional security certifications like CISSP, CISA, and CISM are preferred but not required. ISO certification is a plus.
- Job Level: Entry Level / Junior, Apprentice
- Job Category: IT and Software
- Educational Requirement: Bachelor's degree graduate
- Recruiter response to application: Once in a while
- Office Address: NAC Tower, 32nd Street, Bonifacio Global City
- Oil / Energy / Solar / Greentech
- 1 opening