Security Monitoring Center Head (Senior Officer)

About the Job

Location: Makati City

Corporate Title: Assistant Vice President to Vice President

Work Arrangement: Hybrid

Our Information Security & Data Protection Office team is looking for experienced professionals to join us in Makati City with the role of Security Monitoring Center Head.

In this role you will have to oversee daily cybersecurity operations, including threat detection and response, while spearheading the bank's cybersecurity program to enhance its security posture and resilience through strategic leadership and continuous improvement initiatives. Lead the implementation and upkeep of advanced security measures, processes, and technologies to safeguard the company's infrastructure and assets, while proactively addressing emerging threats and enhancing security controls to mitigate risks effectively.

Your dream. Our focus.

Whether you're just starting out, or already a seasoned professional, EastWest can help you unleash your potential, and bridge the gap between dream to success.

At EastWest, we empower our employees to drive their careers and are committed to provide the runway for them to grow. We value teamwork and individual initiative. Join us and be part of a highly engaged team, and a workplace that promotes development and goal attainment.

Over 29 years, EastWest has emerged as one of the most consumer-focused universal banks in the Philippines. EastWest is committed to continuously invest in people and in process, product, and service enhancements, and embrace new ideas to enhance the EastWest experience.

What the role will entail

• Lead the development and implementation of an annual cybersecurity operations strategy, overseeing Security Operations Center (SOC) activities, including daily detection, reporting, and project management.
• Spearhead the deployment and maintenance of cybersecurity detection systems and tools, such as SIEM and threat intelligence systems, while leading the design and implementation of comprehensive training programs for team members.
• Oversee the systematic collection of cybersecurity metrics, ensure effective communication of vulnerability threat assessments, and orchestrate the Bank's response to incidents, while continuously evaluating and enhancing security controls and risk management frameworks.
• Spearhead the development and execution of advanced threat management services, leveraging in-depth analysis of threat feeds to prioritize and address evolving cyber threats across the organization.
• Oversee executive-level reporting and management of a comprehensive threat database, collaborating with Risk Management teams to escalate risks, develop mitigation plans, and provide regular updates to senior management and stakeholders.
• Drive strategic alignment between security solutions and the organization's strategy, leading the design and implementation of robust security measures to mitigate risks and align with business objectives.
• Oversee day-to-day security operations, manage security staff, and ensure adherence to policies and controls, while coordinating with internal stakeholders to maintain comprehensive security coverage and compliance.
• Lead all Cybersecurity incident response processes, serving as Incident Response Leader to ensure swift and coordinated actions for containment, eradication, and recovery, while championing planning and training initiatives to enhance incident preparedness.
• Build and mentor teams of security experts, architect end-to-end incident management processes, and establish operational standards for continuous improvement, ensuring the Bank's readiness to address evolving cyber threats effectively.

What were looking for

• Bachelor's Degree in either Computer Science, MIS, Business Management or any related course
• Certified training in security management, risk and compliance solutions and practices (i.e. CISSP, C-CISO, CISA, CISM, GSEC, CRISC) is required
• Experience managing vendor sourced solutions and consultants, ensuring vendor performance and deliverables meet specifications, as well as managing complex information technology programs, preferably within the financial services or information security industries
• Experience in security with security technologies (i.e., Anti-malware, DLP, Threat Detection and Response, Platform Security, etc.).
• At least 10 years of broad technology experience in application development and infrastructure services with a strong record of success in managing information security, with specific focus on resiliency / continuity planning, auditing and risk management, is highly preferred
• Deep working knowledge of industry best practices (NIST, ISO, SANS, COBIT, CERT) and Legislative and Regulatory and Industry Compliance Requirements (SOX, PCI, HIPPA, etc.)
• Ability to communicate security-related concepts, the state of security and risks, as well as cost effective program design and mechanics to a broad range of stakeholders
• Accomplished and effective change leader with prior people management responsibility
• Demonstrable evidence of ability to implement and drive adoption of risk management programs.
• Ability to direct members across the organization, ensuring alignment of resources across functions and matrix.
• Creative, innovative and thorough approach with the ability to operate autonomously

What you can expect from joining our team

• Career development and training opportunities
• Competitive salary package and benefits
• Performance-based incentives and recognition programs to reward high-performing individuals
• Opportunity to work with industry experts and be mentored by them
• Defined career progression paths to guide you in your professional growth