Chief Information Security Officer - Bank - Up to 250K - Makati

Role: Chief Information Secutiry Officer
Job Rank: Senior Manager to AVP
Industry: Banking
Location: Makati
Set up: Onsite
Schedule: Mon-Fri
Salary: Up to 250K

General Function

The Chief Information Security Officer (CISO) shall be the primary responsible for formulating the Information Security Strategic Plan (ISSP) and Information Security Program (ISP) of the bank. He/She shall implement and manage the duly-approved ISSP and ISP. He/She shall coordinate and work with the business process owners and executives across different departments/divisions to ensure that information security requirements support business needs and security systems and processes are working as intended.

The CISO is a senior level executive with sufficient authority within the bank. The CISO shall report directly to the Risk Oversight Committee and report administratively to the President. To ensure appropriate segregation of duties, the CISO should perform the task of a risk manager and should be independent from the IT Department.

Specific Duties and Responsibilities

• Develop, implement and monitor a strategic, comprehensive enterprise information security plan.
• Develop and/or enhance information security programs.
• Provide leadership to the enterprises information security organization.
• Work directly with the business units to facilitate risk assessment and risk management processes.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the banks reputation.
• Assist with the overall business technology planning, providing a current
• knowledge and future vision of technology and systems.

Experience:

Minimum of 8 years of experience in a combination of risk management, information security and IT-related jobs.

Knowledge/Skills/Abilities:

• Strong knowledge of information security management frameworks such as, but not limited to, ISO/IEC 27001, NIST, PCI-DSS and BSP MORB Section 148.
• Demonstrate both technical acumen and critical thinking abilities. 
• Strong interpersonal and presentation skills.