We are on the lookout for an Information Security Governance Consultant for our FinTech client in Australia.
The ideal candidate must be amenable to a morning shift and to a hybrid work setup in Paseo de Roxas, Makati (2x per week).
Job description:
- Develop/update and maintain information security controls framework mapped to ISO27001, PCI DSS, SoC2+ and APRA CPS234 and CPS230 requirements
- Design, document, update and maintain information security policies, standards, procedures, and technical baselines and guidelines aligned to NIST, ISO27001, PCI DSS, SoC2+ and APRA CPS234 and CPS230 requirements
- Develop/update risk registers aligned with ISO27001, PCI DSS, SoC2+ and APRA CPS234 and CPS230 requirements
- Design/build interactive SharePoint intranet site to enable easy access to information security documentation
- Design/build SharePoint and/or Protect ERM tool to enable ongoing capturing and review of evidence against the updated information security controls framework
- Design, develop and publish user information security awareness training content.
Qualifications:
- Strong understanding of IT governance frameworks (such as ITIL and COBIT)
- Strong understanding of security standards (ISO27001, ISO27002, NIST, PCI DSS)
- Strong understanding of data privacy frameworks (such as GDPR), standards and requirements
- ITIL foundation certification
- ISO27001 certification
- Expertise in MS SharePoint
- CISA, CISM or CISSP certification is an advantage
Perks and benefits:
- HMO on your first day with dependents
- Yearly appraisal
- 13th month pay
- Paid leaves
- Government mandated benefits
- Equipment is provided