We’re looking for a Senior Information Security & IT Operations to lead and support the global organization. In this role, you lead all aspects of the client's security and data privacy and protection, drive compliance projects and build our InfoSec Roadmap across the organization. You will help champion corporate best practices and key security initiatives including risk management, effective application security programs, policies and standards to fortify the client's commitment to assuring the trust of our customers and partners.
Responsibilities
Strategy & Planning:
Develop, implement, and monitor a comprehensive security program and policies focused on ensuring the availability, confidentiality, and integrity of owned information that is controlled or processed
Design and implement an effective corporate-wide security awareness training program
Act as Point of Contact by engaging in ongoing communications with peers, senior IT management as well as the various business groups to ensure enterprise wide understanding of security goals
IT Operation Management:
Procuring and managing IT inventory (quoting, receiving goods, software management/license compliance, etc.) and update documentation
Managing and monitoring all end-user devices via MDM (i.e. Moysle, Maraki, Jamf or similar) and ensuring all devices are kept up to date
Owning and managing a suite of SaaS tools such as OneLogin, GSuite, MS Office, Slack, RingCentral and more as well as integrate new SaaS tools
Application Security:
Own Security in SDLC, Security Reviews, Vulnerability Scans, Code Analysis
Build and drive security roadmap items
Organize application Pen Testing and remediation process
Respond to Security questionnaires
Application Security:
Own Security in SDLC, Security Reviews, Vulnerability Scans, Code Analysis
Build and drive security roadmap items
Organize application Pen Testing and remediation process
Respond to Security questionnaire
Create and maintain a Risk Register and conduct Risk Assessments
Lead certification efforts and audits around ISO, SOC etc.
Maintain agreements and inventory of sub-processors (location, business purpose, data shared with, etc.)
Qualifications
5+ years of related work experience
Excellent communication, documentation and organizational skills
Certification or Bachelors degree in Engineering, IT, Information Security or similar fields
Deep understanding of IT controls and IT audit methodologies
Experience managing Governance, Risk and Compliance frameworks
Have familiarity and experience with standards and compliance frameworks like ISO, CSA, SANS, OWASP, NIST, SSAE SOC, ITIL, etc. and strong regulatory and compliance knowledge of CCPA and GDP
Unlock Global Potential with HGS
We are HGS Offshore Staffing Solutions, a premier global partner in building offshore teams in the Philippines, with over 1,500 professionals across Metro Manila and Cebu.
Our goal is to ignite global potential by connecting exceptional talent with companies worldwide. We are committed to propelling your career forward by providing opportunities for growth, where your expertise can flourish in any field. Here, you'll have access to global industries, continuous training opportunities, and a culture where your voice always matters.
At HGS, we go beyond recruiting talented individuals, we cultivate a vibrant community. You'll be able to grow alongside your peers through professional development opportunities at your fingertips and connect with teammates during exciting company events. Our monthly huddles keep you connected with your team and colleagues. We also foster a dynamic community with our charity initiatives, reminding us that our careers can make a real difference. Whether you work remotely or side-by-side, you are always part of the team at HGS.