T

Compliance Consulting Senior Analyst

Trends Group, Inc.
On-site
Makati, Metro Manila, Philippines

I.        PURPOSE


 


Manage and support information systems and security implementation and audits in accordance to set objectives. Continuously develop and enhance information systems and security knowledge and skills through participation in upskilling activities, training and awareness initiatives appropriate to the position.


 


II.      DUTIES AND RESPONSIBILITIES



  • Manage internal and external audit and consultation projects delegated by the Compliance Consulting Manager or Compliance Service Head and contribute to the attainment of set goals and established key metrics through effective project plan implementation.

  • Demonstrate the Compliance Consultant role and subject matter expertise by providing relevant, industry-recognized best practices, standards and regulatory recommendations and advisories for both internal and external communications.

  • Enhance information security knowledge and skills through continued learning and participate in credential-building activities to gain the prescribed certifications. Immerse in and facilitate group-initiated activities that promotes soft skills development required for the role.

  • Conduct information systems audit/assessment and prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.

  • Assist top management in developing its respective management system as required by certification standards such as ISO 27001, ISO 22301, ISO 27701, etc.

  • Lead the development and control of management documentation such as policies, guidelines, and procedures as necessary.

  • Establish and maintain the organization’s Risk Management methodology based on the context of the organization.

  • Conduct of the internal audit program as facilitated by the internal audit team. As well as providing assistance to the organization on the preparation for external audit, during the audit, and post-audit activities.

  • Maintain and enhance the organization’s management systems programs through the development of awareness initiatives, monitoring of metrics based on objectives.

  • Leads in the conduct of quality checks through periodic sampling, random checking for quality of tickets, reports and calls.

  • Support performance monitoring of the team through proactive feedback.


 


III.    QUALIFICATIONS


 


A.    Minimum Education



  • Bachelor’s Degree of any Information Technology, Accounting or Engineering-related studies


B.    Minimum Experience/Training



  • Has experience in project and/or program management

  • Certifications related to Information Security (CISA, CEH, CCNA, CCNP ,etc) is an advantage

  • Certifications related to standards and framework such as ISO 27001, ISO 22301, ISO 27701, ISO 20000-1, PCI-DSS, COBIT and ITIL is beneficial.


C.    Competency



  • Must have good communication and presentation skills

  • Must be assertive, confident, has critical thinking and good decision-making capabilities

  • Knowledge of computer networking concepts and protocols, and network security methodologies. 

  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). 

  • Knowledge of cybersecurity threats and vulnerabilities. 

  • Knowledge of industry-standard and organizationally accepted analysis principles and methods. 

  • Knowledge of Risk Management Framework (RMF) requirements. 

  • Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions). 

  • Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).

  • Ability to understand technology, management, and leadership issues related to organization processes and problem solving.

  • Ability to understand the basic concepts and issues related to cyber security and its organizational impact.

  • Ability to facilitate group discussions.

  • Ability to prepare and present briefings.

  • Ability to work across departments and business units to implement organization’s privacy principles and programs and align privacy objectives with security objectives.

  • Ability to understand the basic concepts and issues related to cyber and its organizational impact.

  • Strong time management skills to be able to handle multiple tasks or projects and deliver outputs within agreed timeline.




IV.    WORKING CONDITIONS



  • Regular working hours

  • Hybrid work set up.

  • Main office is in Makati City, job may require you to travel to client’s offices for onsite activities.

Open
Share this job
Twitter Facebook Linkedin Email
Job expired?