Security Architecture and Engineering Head (Senior Officer)

About the Job

Location: Makati City

Corporate Title: Assistant Vice President to Senior Assistant Vice President

Work Arrangement: Hybrid

Our Information Security & Data Protection Office team is looking for experienced professionals to join us in Makati City with the role of Security Architecture and Engineering Head.

In this role you will have to design, operate, and optimize the Information Security Architecture and Engineering function ensuring that the core security and privacy principles, standards, and control requirements are adequately embedded in the people, process, and technology aspects by design and sustained all throughout the business operations lifecycle.

Your dream. Our focus.

Whether you're just starting out, or already a seasoned professional, EastWest can help you unleash your potential, and bridge the gap between dream to success.

At EastWest, we empower our employees to drive their careers and are committed to provide the runway for them to grow. We value teamwork and individual initiative. Join us and be part of a highly engaged team, and a workplace that promotes development and goal attainment.

Over 29 years, EastWest has emerged as one of the most consumer-focused universal banks in the Philippines. EastWest is committed to continuously invest in people and in process, product, and service enhancements, and embrace new ideas to enhance the EastWest experience.

What the role will entail

• Collaborate with the business and operations teams to understand their strategic objectives, goals, technology needs, and emerging trends.
• Lead the overall security architecture direction for the organization and ensure alignment with risk/threat models.
• Define enterprise-level security measures and reference architecture patterns and manage traceability between business strategy and cybersecurity.
• Provide expert technical guidance on the design and implementation of security capabilities to effectively mitigate security risks and threats arising from people, processes, and technology.
• Lead the collaboration with the enterprise architecture team to integrate enterprise security capabilities into the solution architecture.
• Manage collaborative risk assessment and threat modeling exercises with the enterprise architecture team to identify risks, prioritize them, and develop a roadmap for remediation in preparation for annual Risk Treatment Planning (RTP).
• Lead as the primary point of escalation for security architecture decisions that impact multiple teams across the Bank.
• Supervise a team to engineer security solutions to deliver and maintain core security infrastructure services and effect necessary enhancements to optimize efficiency and effectiveness in mitigating risks.
• Manage the integration of appropriate security controls into new projects throughout all phases of the development lifecycle, encompassing product design and development, product requirements solutioning, systems integration, infrastructure development, and application development, prior to production cutover.
• Lead the development of documented policies, standards, strategies, frameworks, roadmaps, and blueprints.
• Drive process improvement and control implementation projects by collaborating closely with internal and external stakeholders, ensuring comprehensive review and stakeholder engagement throughout the project lifecycle.

What were looking for

• Bachelors Degree in either ICT, Computer Science, any related course

• Holder of a Professional Security certification (i.e. CISSP, CISM, etc.)
• At least 10 years work experience in Information Security, Network Security, IT Security, Cybersecurity, IT Risk Management, or related role, as well as o implementing a security framework, solution and service, from design, engineering through implementation for a medium to large organization ideally gained from the banking industry or similar environment
• Proven expertise in designing, monitoring and optimizing security measures to protect information assets in cloud-based solutions setup (i.e. IaaS, PaaS, SaaS)
• Manifest sound working knowledge of industry leading practices (i.e. ISO, NIST, SANS, COBIT) and legislative / regulatory compliance requirements (i.e. PCI, DPA, BSP, etc.)
• Ability to analyze situations, challenges, and problems with perceptiveness and provide effective insights to address concerns

What you can expect from joining our team

• Career development and training opportunities

• Competitive salary package and benefits
• Performance-based incentives and recognition programs to reward high-performing individuals
• Opportunity to work with industry experts and be mentored by them
• Defined career progression paths to guide you in your professional growth