Primary Function: Responsible for assisting in data gathering, validation, and analysis in relation to the company’s information security practices, its documentation, implementation, and evaluation covering existing and new practices, policies and processes.
1. Details out workflow and establishes and embeds necessary controls based on ISO 27001.
2. Provides relevant information/data for identified process deviations and incidents as a means to aid the Information Security Lead in formulating appropriate and specific action plans that will address such deviations.
3. Develops presentation materials on policy implementations; documents agreements and concerns related to the presentations made to concerned parties.
4. Monitors test run/pilot of new or modified policies, processes, and procedures, addresses concerns of process owners that affect the company’s information security practice.
5. Monitors and reports fulfillment of Service Level Agreements (SLAs) of assigned departments.
6. Performs other tasks that may be assigned by the CISO.
7. Conducts non-financial (process and IT systems) audit to determine conformance to information security policies and standards, identify reasons and implications of non-conformance, report audit results, gather commitments from concerned functions to resolve issues, and monitor progress of resolutions.
8. Provides inputs to Gap Analysis of existing company processes vs. proposed processes based on audit results including industry trends prior to actual recommendation in support to identifying process areas for improvement.
· Graduate of Computer Science, Information Technology, or any related field. Preferably with securityrelated certifications.
· With at least 3 years of related work experience
· Willing to be assigned in Ortigas or Novaliches