Security Governance & Assurance Head

About the Job

Location: Makati

Corporate Title: Assistant Vice President to Vice President

Work Arrangement: Onsite

Our Information Security and Data Privacy team is looking for experienced professionals to join us in Makati with the role of Security Governance & Assurance Head.

In this role you will lead and align security duties across the Bank to ensure consistent control objectives and solutions while fostering relationships and collaborating on security governance and principles. You will also provide expert security advice manage and lead information security teams and oversee vulnerability management and penetration testing to secure all key assets.

Your dream. Our focus.

Whether youre just starting out or already a seasoned professional EastWest can help you unleash your potential and bridge the gap between dream to success.

At EastWest we empower our employees to drive their careers and are committed to provide the runway for them to grow. We value teamwork and individual initiative. Join us and be part of a highly engaged team and a workplace that promotes development and goal attainment.

Over 29 years EastWest has emerged as one of the most consumer-focused universal banks in the Philippines. EastWest is committed to continuously invest in people and in process product and service enhancements and embrace new ideas to enhance the EastWest experience.

What the role will entail

• Develop implement and update the Banks security policies standards strategies and frameworks aligned with business risks and regulatory requirements.
• Integrate information security controls into business processes through cross-organizational collaboration and an information security management system.
• Conduct enterprise-wide information security risk analysis implement risk treatment plans and develop metrics for periodic monitoring.
• Implement process improvements to enhance the efficiency and effectiveness of information security management systems and address security weaknesses.
• Collect regular stakeholder feedback to drive service improvements and oversee the review and refresh of information security governance materials.
• Oversee the preparation and monitoring of the annual budget audit compliance activities and ensure timely delivery of ISDPO initiatives and programs.
• Lead the recruitment development and retention of critical talents in ISDPO establish performance standards and drive employee engagement.

What were looking for

• Holder of a Bachelors Degree in ICT Computer Science any related field
• Must have at least (2) Professional Security certifications (. CISSP CISM)
• Established experience in PCI-DSS ISO27001 NIST Cybersecurity Framework Data Privacy program implementation
• Experience working in security at a banking industry or similar environment as well as managing a team are required
• At least 10 years work experience in Information Security Network Security IT Security Cybersecurity IT Risk Management or related role.
• Proficiency with VAPT tools such as Kali Linux Tenable Rapid 7 Metasploit Burp Suite Qualys Nmap etc.
• Knowledge of vulnerability scanning source code analysis advanced network protocol manipulation and custom penetration testing tool creation
• Strong understanding of Networking (TCP/IP SSH SFTP VPN Firewalls Routers etc.) and Server and workstation operating systems (Windows Linux etc.)

What you can expect from joining our team

• Career development and training opportunities
• Competitive salary package and benefits
• Performance-based incentives and recognition programs to reward high-performing individuals
• Opportunity to work with industry experts and be mentored by them
• Defined career progression paths to guide you in your professional growth