19F The Globe Tower, Philippines
39 days ago
Risk Governance Expert

At Globe, our goal is to create a wonderful world for our people, business, and nation. By uniting people of passion who believe they can make a difference, we are confident that we can achieve this goal.

Job Description This role is responsible for ensuring Globe is compliant with information security and data privacy standards and regulations. This includes identifying and mitigating risks, developing and implementing security measures, and collaborating with various teams to foster a strong security and privacy culture across the organization.

DUTIES AND RESPONSIBILITIES:

Assist in information security and data privacy audits and in securing industry-standard certifications or reports including ISO 27001, PCI-DSS, and SWIFT.

Maintain a risk register of information security, data privacy, and AI risk to effectively monitor and track risk and compliance.

Evaluate any related external frameworks or standards (e.g., ITIL, COBIT, National Institute of Standards and Technology [NIST], etc.) or internal standards to determine relevant information security and data privacy compliance requirements and controls. 

Identify and ensure that Globe complies with any applicable laws and regulations

Create, update, review, and cascade Information Security and Data Privacy policies and standards.

Conduct a review of processes and systems to determine compliance with policies or the effectiveness of controls.

Assess the compliance or maturity level of Globe against industry frameworks and standards.

Implement recommendations that will strengthen the security and privacy practices of Globe.

Perform maturity, compliance, or risk assessment to Globe Group against identified applicable frameworks or standards.

Support Globe Group in complying with the information security and privacy requirements as aligned with industry standards and applicable law/regulatory requirements.

Periodically review and update information security and data privacy control requirements, third-party contracts, and processes to ensure the management of information security and data privacy risks.

Support the DPO and the Privacy and Security Risk Governance Head in monitoring information security and data privacy risks of the Globe Group of Companies.

Coordinate with the legal, audit, enterprise risk, fraud, and other relevant teams to identify information security and data privacy compliance requirements.

Engage in continuous data privacy training and education.

Perform all other duties and tasks that will promote information security and data privacy.

KPIs:

Communicate and enforce Security and Privacy Policies across Globe Telecom and Third Party Partners.

Implement effective Security and Privacy Governance Practices.

Build superior capabilities and competencies of people.

TOP 3-5 DELIVERABLES:

Ensure policies and standards are reviewed and updated regularly, and create new policies as necessary

Maintain a comprehensive Risk Register and Risk and Compliance Dashboard to effectively track and monitor risk and compliance

Conduct audits on processes to ensure compliance with policies and assess Globe's compliance or maturity against industry standards.

HIRING REQUIREMENTS:

3 to 5 years of relevant experience (risk management, IT or information security audit or assessment).

Graduate of any 4-year related course (IT, Computer Engineering, Electronics & Communications Engineering)

Preferably has a background in telecommunications and/or digital technology

Strong knowledge of cybersecurity and industry leading frameworks

Knowledge in Artificial Intelligence Governance and Compliance

Experience with GRC platforms to manage risks, track compliance, and automate security tasks.

Ability to conduct security audits, assess the effectiveness of security controls, and identify areas for improvement.

Familiarity with different risk assessment methodologies (NIST, ISO 27005, FAIR) to identify, analyze, and evaluate risks.

Ability to communicate effectively with various stakeholders

Ability to create and implement policies and procedures

Preferably with certifications such as AIGP, CISA, CRISC, ISO 27001/27701 or PCI DSS Lead Implementer

Equal Opportunity Employer
Globe’s hiring process promotes equal opportunity to applicants, Any form of discrimination is not tolerated throughout the entire employee lifecycle, including the hiring process such as in posting vacancies, selecting, and interviewing applicants.

Globe’s Diversity, Equity and Inclusion Policy Commitment can be accessed here

Make Your Passion Part of Your Profession. Attracting the best and brightest Talents is pivotal to our success. If you are ready to share our purpose of Creating a Globe of Good, explore opportunities with us.

Confirm your E-mail: Send Email