Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!
DUTIES AND RESPONSIBILITIES:
Enterprise
Lead information security and data privacy audits and assist in securing industry standard certifications or reports including ISO 27001, PCI-DSS, and SWIFT.
Evaluate any related external frameworks or standards (e.g., ITIL, COBIT, National Institute of Standards and Technology [NIST], etc.) or internal standards to determine relevant information security and data privacy compliance requirements and controls.
Periodically review and update Globe’s Corporate Information Security Policy, Data Protection Policy, IAM Policy, and other related policies, processes, and manuals to ensure the management of information security and data privacy risks.
THIRD-PARTY
Conduct Vendor Risk Assessments to determine third-party compliance with Globe’s information security and data privacy control requirements.
Communicate compliance standards and requirements to relevant third parties.
Establish and implement a consequence management process for third party violations of information security and data privacy control requirements.
Periodically review and update information security and data privacy control requirements, third-party contracts, and processes to ensure the management of information security and data privacy risks.
Support the DPO in monitoring information security and data privacy risks of the Globe Group of Companies.
Build and maintain a risk register and report levels of information security and data privacy risk and effectiveness of controls to key stakeholders.
Coordinate with the legal team to identify all relevant information security and data privacy compliance requirements.
Improve Globe’s privacy compliance posture by leading and participating in information security and data privacy-related audits and compliance initiatives.
Engage in continuous data privacy training and education.
Perform all other duties and tasks that will promote information security and data privacy.
KPIs:
Define, communicate and enforce effective Vendor Management Policies across Globe Telecom, third-party partners, and subsidiaries.
Establish a roadmap that works toward a best-in-class data privacy organization
Maintain an effective Vendor Risk Management Practice
Build superior capabilities and competencies of our people.
Assess investments that will provide the highest return either by engaging to new partners or reusing existing assets and improve it to a more usable tool that will be beneficial to everyone in the organization.
TOP 3-5 DELIVERABLES:
Lead information security and data privacy audits and assist in securing industry standard certifications or reports including ISO 27001, PCI-DSS, and SWIFT.
Evaluate any related external frameworks or standards (e.g., ITIL, COBIT, National Institute of Standards and Technology [NIST], etc.) or internal standards to determine relevant information security and data privacy compliance requirements and controls.
Periodically review and update Globe’s Corporate Information Security Policy, Data Protection Policy, IAM Policy, and other related policies, processes, and manuals to ensure the management of information security and data privacy risks.
What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package