Business Unit Security Officer
Manulife
- Makati City, Metro Manila
- Permanent
- Full-time
- Perform Canadian Business Unit project and technology information risk assessments including assessing risks and define controls as well as tracking the implementation of controls.
- Design, document and/or implement BAU security controls applicable to the cloud-based infrastructure, platform, and services.
- Evaluate products for implementing security controls in the cloud or on-premises spaces.
- Responsible for the execution of information risk assessment processes in compliance with global Information Risk Assessment methodology.
- Ensure the appropriate steps are taken to ensure the Information Risk Assessment process is followed in integration with other related processes: architecture review, project risk management framework, etc.
- Manage the priorities between the tasks assigned with input from the risk owners.
- Attend project meetings, provide timely updates, advise on risks and impact around the changes.
- Ensure each information risk assessment completed is peer-reviewed & communicated to larger distribution to various stakeholders.
- Provide training to key stakeholders around the information risk assessment processes.
- Respond to audits, regulatory reviews, risk and controls self-assessments.
- Degree holder of Computer Science, Information Technology, Software Engineering, Business Administration, or relevant educational and professional experience.
- Relevant professional designations (e.g., CISSP, CRISC, CISM, CISA, GSEC).
- 5+ years of experience in a combination of relevant technical disciplines in the field of Information Security: network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, cybersecurity.
- 5+ years of IT/Information Risk management experience: vendor risk management, project risk management, IT audit or IT controls assessment.
- Deep knowledge of cloud computing security and IaaS, PaaS, or SaaS environments.
- Knowledge of security frameworks (e.g., ISO 27001, COBIT), regulatory requirements and standards (e.g., NIST, GDPR, Sarbanes-Oxley).
- Strong communication, presentation, and facilitation skills to all levels and audiences.
- Influence behavior to reduce risks and foster a strong information security risk management culture.
- Problem solving, analytical, and innovative mindset.
- Strong team player (collaborative).
- Strong time management and organizational skills to manage multiple tasks and changing priorities.
- Knowledge and understanding of the financial industry is preferred.
- You obsess about customers, listen, engage and act for their benefit.
- You think big, with curiosity to discover ways to use your agile approach and enable business outcomes.
- You thrive in teams and enjoy getting things done together.
- You take ownership and build solutions, focusing on what matters.
- You do what is right, work with integrity and speak up.
- You share your humanity, helping us build a diverse and inclusive work environment for everyone.
- A competitive salary and benefits packages.
- A growth trajectory that extends upward and outward, encouraging you to follow your passions and learn new skills.
- A focus on growing your career path with us.
- Flexible work policies and strong work-life balance.
- Professional development and leadership opportunities.
- Values-first culture