Information Security Risk Officer | Hybrid | Sri Lanka
Job Details
permanent
Sri Lanka
Emapta
02.11.2023
Full Job Description
Make your mark in the world of global technology.
In the ever-evolving world of IT, there is
nothing more career-fulfilling than making your own mark and leaving a
legacy. Today, technology changes the world in massive ways we cannot
imagine, creating things we thought could never exist, and
revolutionizing the way we live. It must feel satisfying and
successful to contribute to the changes and be the name behind an
innovation that reshaped the world of the global outsourcing
business.
Introducing our
Information Security Risk Officer role, your new path to a revitalized
success. Imagine joining a team of motivated and globally competitive
individuals ready to conquer the world, while staying in your home
country, surrounded by your peers, friends, and family. Envision
having a flourishing global career that not only helps you, but also
aims to empower your fellow Filipinos to reach beyond their potential
and achieve their international dreams.
And the best part? You get to do this in a harmonious
blend of work-from-home and onsite arrangements, allowing you to work
in the comfort of your home office and rise alongside an energized
team.
Whom you’ll work with:
Be part of a company that
empowers people to fulfill their international dreams.
You will be working with an outsourcing company
that builds stable international careers with above-market salaries,
plenty of growth opportunities, and a company culture that puts your
needs and its people’s needs front and center. With over 500 global
partners that prefer opening remote jobs in the country, our vision is
to help you and thousands more Filipinos reach your full potential and
dreams without the need to leave the country and work abroad.
Here, you will be surrounded by
like-minded and globally competitive individuals from around the globe,
catapulting you to heights you’ve never seen before and allowing you
to leave a lasting legacy in the world of outsourcing. As your gateway
to international success, you indulge in the comfort of work-life
balance topped with above-market compensation and superior
benefits.
Job Description
The Information Security
Risk Officer will contribute their expertise, training, and
abilities to support the Information Security Department. Their
primary responsibilities include managing client-facing and
client-level security risks, as well as actively participating in the
launch of new campaigns for both new and existing clients, ensuring
the collection of essential security requirements.
Here’s an overview of your future role:
Employment Type: Full-time
Schedule: 4:30 AM to 1:30 PM
Work Arrangement: Hybrid, Sri Lanka
What do you need to succeed?
- 2-5 years of experience in IT audit, IT Governance/Risk/Compliance, data privacy, or information security management
- Excellent written and oral communication skills, as this role involves client-facing responsibilities
- Proficient knowledge of ISO 27001, PCI-DSS, SOC 2 Security, and Data Privacy Laws, such as EU-GDPR and PH-DPA
- Strong familiarity with and experience in managing endpoint and network security controls, including Windows GPOs, VPN, DLP, RMM, Anti-Malware, and NGFW
- Proficiency in creating risk-control matrices (RCM) and security risk reports
- Strong project management and interpersonal skills
What awaits you in this role?
- Client-Facing & Client-Level Security Risk Management
  - Participation in the launch of new campaigns with new or existing clients, gathering necessary security requirements for the creation of client risk profiles, and implementation of commensurate security controls
  - Facilitation of control activity tests with test users before full security control implementations
  - Maintenance of risk registers and security information inventory for each of Emapta’s clients
  - Presentation of value-adding security recommendations to clients
  - Involvement in addressing existing and prospective client security concerns or responding to their written questionnaires
- Compliance with Security Certifications (e.g., ISO 27001, SOC-2, PCI-DSS)
  - Conducting Gap Analyses and Internal Audits in alignment with security standards, regulations, and frameworks (e.g., ISO 27001, SOC-2, PCI-DSS)
  - Collaboration with Process Owners and provision of recommendations
  - Close monitoring of identified security and compliance gaps and continuous follow-up for remediation actions and artifacts
- Creation and maintenance of policies
  - Development of new security policies (if needed to remediate gaps)
  - Periodic review of policies to align with changes in security processes or to update security policies in response to emerging critical risks
  - Ensuring policy alignment with the requirements of standards and regulations that Emapta aims to comply with
- Third-Party Risk Management
  - Assessment of security risks posed by current and prospective vendors/partners and the technologies to be acquired
  - Maintenance of security risk profiles of vendors
- Security Awareness and Education
  - Collaboration with HR and Learning & Development Teams for the mandatory annual completion of the Information Security and Data Privacy Course by everyone in Emapta, including contractors with access to Emapta’s private information
  - Launch of Awareness Programs, Phishing Exercises, Security Reminders, and Secure Channels for reporting incidents of fraud, security breaches, or noncompliance with policies
Why choose us?
- Competitive Package
- Medical Life Insurance
- Hybrid work arrangement
- Semi-flexible shift
- Standard government and Emapta benefits
- Well-equipped, modern, and accessible offices
- Fun engagement activities for employees
- Mentorship and exposure to global leaders and teams
With a wide roster of international clients from
various industries and a proven track record of success, Emapta
offers a stable foundation for your career. Team up with
like-minded professionals who are passionate about making a meaningful
impact through premium global opportunities at your fingertips. Apply
now and create a better future with us.
#EmaptaExperience