Senior Information Security Manager For Information Security Group ISG

Discover your 100% YOU with MicroSourcing!

Position: Senior Information Security Manager for Information Security Group (ISG)

Location: Metro Manila

Work setup & shift: Hybrid| Flexible

Why join MicroSourcing?

Youll Have

• Competitive Rewards: Enjoy above-market compensation, healthcare coverage on day one, plus one or more dependents, paid time-off with cash conversion, group life insurance, and performance bonuses
• A Collaborative Spirit: Contribute to a positive and engaging work environment by participating in company-sponsored events and activities.
• Work-Life Harmony: Enjoy the balance between work and life that suits you with flexible work arrangements.
• Career Growth: Take advantage of opportunities for continuous learning and career advancement.
• Inclusive Teamwork: Be part of a team that celebrates diversity and fosters an inclusive culture.
  
  

Your Role

The Sr. Information Security Manager, reporting directly to the Vice President of IT, is a pivotal role responsible for overseeing and executing the organisations information security strategy.

This role plays a critical part in safeguarding the confidentiality, integrity, and availability of sensitive information assets while ensuring compliance with relevant regulations and standards. The Sr. Information Security Manager will lead a team of security professionals and collaborate with cross-functional departments to implement and enhance the organisations information security framework.

Key Responsibilities And Accountabilities

The Senior Information Security Manager for Information Security Group will be responsible for the following:

• Managing and mentoring the Information Security Group (ISG), ensuring team members are well-trained, motivated, and equipped to provide effective support services.
• Define, review and update Information Security Groups service level agreements (SLAS) aligned to the companys business goals and objectives.
• Ensure that SLA commitments are met and achieved, including monitoring and reporting of the same to company stakeholders, both internal and external.
• Strategic Planning:
• Continuously assess and adapt security measures to evolving threats and technological advancements.
  
  

Risk Management

• Identify, assess, and mitigate information security risks across the organisation.
• Security Policy and Procedure Development:
• Develop, implement, and enforce information security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
  
  

Incident Response

• In conjunction with Information Security Governance Lead and Head of IT, develop and maintain an incident response plan.
• Lead investigations into security incidents, coordinate responses, and ensure timely resolution.
  
  

Security Awareness Training

• Develop and deliver security awareness training programs for employees, contractors, and stakeholders to promote a culture of security awareness throughout the organisation.
  
  

Vendor Risk Management

• Assess and manage third-party vendor security risks, including conducting security assessments and ensuring vendors adhere to security requirements.
  
  

Security Audits And Compliance

• Monitor and enforce compliance with relevant regulatory requirements, industry standards, and contractual obligations.
• Prepare for and manage security audits and assessments.
• Ensure the organisation maintains certification to ISO-27001, PCI-DSS and Essential 8.
  
  

Health & Safety of our People

• Ensure a safe, healthy and sustainable workplace for all employees and contractors, report workplace hazards, and provide a safe and positive workplace.
• Complete all necessary training and compliance requirements and professional development opportunities.
• overseeing external counsel for favorable settlements.
  
  

Qualifications

• At least 10-12 years related work experience specifically at least 7-8 years in Information Security and Compliance; 5-7 years in a managerial/lead role in an IT/InfoSec environment.
• Candidates must possess at least a Bachelors/College Degree or IT-related course.
• Strong understanding of security frameworks, regulations, and best practices (e.g.,ISO 27001, PCI-DSS, Essential 8).
• Deep understanding of cybersecurity frameworks, regulations, and best practices.
• Industry certifications such as CISSP, CRISC or equivalent are desirable.
• Analytical and team management skills are a must.
• Should exhibit strong leadership, interpersonal, communication and decision-making skills.
• Very strong client relationship and Account management with experience handling medium to large complex accounts.
• Ability to work well under pressure, multi-task and meet demanding deadlines.
• Must have effective interpersonal and communications skills.
• Good documentation and presentation skills.
• Call Center / BPO / SI / Provider work experience is highly preferred.
  
  

About MicroSourcing

With over 9,000 professionals across 13 delivery centers, MicroSourcing is the pioneer and largest offshore provider of managed services in the Philippines.

Our commitment to 100% YOU

MicroSourcing firmly believes that our companys strength lies in our peoples diversity and talent. We are proud to foster an inclusive culture that embraces individuals of all races, genders, ethnicities, abilities, and backgrounds. We provide space for everyone, embracing different perspectives, and making room for opportunities for each individual to thrive.

At MicroSourcing, equality is not merely a slogan – its our commitment. Our way of life. Here, we dont just accept your unique authentic self - we celebrate it, valuing every individuals contribution to our collective success and growth. Join us in celebrating YOU and your 100%!

For more information, visit https://www.microsourcing.com/

• Terms & conditions apply

---