Overview
Information Security Manager Jobs in Taguig, National Capital Region, Philippines at Pru Life UK
Title: Information Security Manager
Company: Pru Life UK
Location: Taguig, National Capital Region, Philippines
Information Security Lead is a senior cybersecurity leadership position intended to bridge the gap between security and business interests. Information Security Lead is responsible for developing and maintaining the organization’s security posture, managing risk, ensuring compliance, overseeing security training, cybersecurity, and investigating security incidents.
Technical Guidance
Manage and Ensure compliance with local technology related regulatory requirements and GGM policies
Performs self-assessments and provide attestation of compliance to technology related GGM policies
Manage technology and cybersecurity incidents
Manage technology and cybersecurity RCSA for and scenario analysis as first line owner
Prepare and submit technology and security update for management reporting
Review BISG metrics and address any control gap identified
Facilitate GISP solution implementation within LBU
Facilitate technology and security related audit
Oversee IT & security budget spending
Conduct technology and cyber security training to relevant stakeholders
Reviews and approves enhances access (e.g., Cloud Storage, SFTP, RMD, etc.)
Prepares and completes regulatory required documentations – e.g., Risk and Materiality Assessment, Critical System Assessment, Cloud Risk Assessment, Cloud Consultation Presentation, Internet Insurance Attestation, etc.
Manage the remediation of security-related issues raised by GISP teams.
Perform analysis and necessary coordination with relevant teams on the timely remediation of security related KRIs that falls below acceptable threshold.
Review and approve requests related to Email and Website access whitelisting.
Review, approve and release valid quarantined emails.
Review and approve security-related dispensations.
Review and approve Security Design Checkpoint (SDC) related requests
Manages and Conduct Third Party Security Assessment
Manages day-to-day activities in managing Technology risk
Manages and ensures compliance with Privacy laws. Performs day-to-day activities in managing Privacy risk (technology and non-technology related).
Qualifications:
Bachelor’s degree in information technology, Computer Science or other related courses with 10 years minimum work experienced as Business Information Security Officer. Insurance background is added advantage
Agile Methodology
End-to-end Software Development Lifecycle experience
Certifications (CISSP, CCSP, Project Management, CRISC, CISM, Security+)
Experience in one or more of the following:
Agile Strategy / Agile Transformation / Agile Operating Model
Lean Software Development Lifecycle
Fosters agile mindsets and behaviors, championing and influencing a culture of growth, self-leadership, and development.
Problem Solving and Decision Making
Leads solving complex problems and challenges that require the highest competency level as an expert in collaboration with key business stakeholders, tribes, and squads within the organization.
Scrum Master / PMP Certification is an advantage but not required.
ITIL v3/4 Certification is an advantage but not required.
At least 10 years minimum overall related experience to IT Security, Cybersecurity, Operations Risks Management. Manages his/her own team of IT security practitioners.
Join a team who is always asking: what can we do better?
We break down silos to improve our execution-focused approach, so we can use our advantage of scale, discover fresh perspectives, …
