Security Assurance and Assessment Officer

Job Summary:

• Develop tactical plans and programs for the establishment and maintenance of the Bank’s third party information security risk management framework and ensure alignment with the enterprise risk framework
• Performs third party security, system security and information asset based risk assessment. Analyze and review of complex bank processes, application system and network security implementation and third party relationships to identify potential risk including the determination of risk mitigation strategies
• Analysis and review of complex application system and network security implementation on the current production environments to identify potential risk including the determination of risk mitigation strategies
• Recommend strategies to control risks from inadequate protection of confidentiality, integrity and availability of the information assets, processing facilities and connected services

Qualifications:

• Bachelor's Degree
• At least 3 years experience in IT audit and information security, preferably with a strong background on system security risk assessments
• Can perform information security risk-based prioritization decisions, analyze business risk, and can articulate complex business/risk trade-off recommendations and decisions
• Experienced on project security technical review and risk assessment
• Analytical and risk identification skills to analyze a variety of information security –related risk situations and develop recommendations on the best course of action
• Should also be abreast with security best practices and knowledge of common and emerging security threats
• Professional Certification may include CISA, CISM, CRISK, PCI-DSS, ISO-27001 LA or equivalent is an advantage

Other Details:

Rank: Junior Officer

Unit: Financial and Control Sector / Information Security Division / Security Quality Assurance and Risk Assessment Department

Location: Metrobank Center, BGC, Taguig City