Share this Job

Manager - Cyber Policy and Strategy Planner

Aboitiz Equity Ventures, Inc.
Regular

Taguig, Metro Manila, PH, 1634

Posted:  Sep 13, 2022

Here at Aboitiz, success means winning together to shape a better future for people, planet, and profit. As we embrace innovation, we grow diverse industries and shape the country’s future. We create careers without boundaries for those who inspire their teams to rise with them. When you work at Aboitiz, you are part of a family committed to advancing business and communities.

Job Mission/Purpose

 

Lead and manage the execution of the cyber security strategy and programs and its maturity to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected through the Cyber Security Program.

 

Lead and manage the delivery of Cyber security services, manage the requisite projects and conduct the necessary assessments and finance management and reporting mechanisms to support the Aboitiz corporate information security strategy and programs to support and advance business objectives.

 

Develops and maintains cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance requirements.

Responsibilities

Cost Management:
Manage the Cybersecurity budget, optimize resources to provide more value and communicate this with the appropriate parties

 

Stakeholder Engagement:
● Supervise, manage and lead the delivery of reliable Cyber Security services that are centrally managed, aligned and compliant with the Aboitiz Group IT Management and Information Security Policies and the IT Security Minimum Standards.
● Facilitate process improvements and solutions to optimize the quality of IT security controls and/or services with the requisite due diligence and assessments of our 3rd Party service partners.

 

Execution Excellence - Governance:

● Manage the Cybersecurity Roadmap based on the Cybersecurity Maturity Model Framework.
● Manage the implementation of cybersecurity strategy and the programs (include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security
awareness, and other resources) for the protection of all information assets and measure the effectiveness and efficiency against the desired level of maturity.
● Ensure implementation of strategic, comprehensive cyber security programs to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
● Monitor activities and ensure that updates are provided for the regular reporting on the cybersecurity program.
● Serve as the secretariat supporting the Board Cybersecurity Committee and the Cyber Management Committee.


Execution Excellence - Risk Management:

● Ensure implementation of a risk-based process for the assessment and mitigation of cyber security and information security risks and compliance in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
● Facilitate and conduct cybersecurity risk assessment and risk management process (due diligence, documentation, validation and assessment and authorization) to assure that existing and new IT systems meet the organization's cybersecurity and risk requirements and meet the risk level acceptable to the Management or Business Units’ risk appetite.

Execution Excellence - Cyber Security Operations:

● Support the preparation and development of incident response plans and procedures (playbooks) to increase in the organization's readiness state, to mitigate immediate and potential threats, and to respond to crises or urgent situations.
● Participate and support investigation, analysis, response and recovery to cyber security incidents and events to ensure that business-critical services are recovered in the event of a security event and to protect corporate assets, intellectual property, regulated data and the company's reputation.
● Conduct threats and vulnerability assessments to determine deviations from the minimum standard and acceptable configurations, and assess the level of risk to develop and/or
recommend appropriate mitigating control to protect all information assets.

Build Human Capital:
● Support cybersecurity training and awareness initiatives for the different information security-related duties and responsibilities for all employees, contractors and approved system users.
● Manage and track the team's individual development plan, activities, and training to improve capability and achieve the desired competencies.
 

Education

Bachelor's Degree in Information Technology

Work Experience

At least 7 years of relevant work experience

JOB APPLICATION NOTICE:
We urge everyone to be vigilant against scams that involve fraudulent offers of employment with Aboitiz Equity Ventures. Scammers are falsely claiming to be representatives of Aboitiz, offering jobs in exchange for recruitment fees. Aboitiz does not ask for money from our applicants at any point of the job application process.