Risk Control Officer

Sterling Global Call Center Inc.

Mustahak
RM3.6-7.2K[Bulanan]
Di lokasi - Pasig3 - 5 Tahun PengalamanSarjana MudaKontrak
Kongsi

Keterangan Kerja

The Risk & Compliance Officer owns the day-to-day operation of the organization’s Governance, Risk, and Compliance program. The role identifies and assesses risks, maintains the control framework, drives remediation with control owners, and ensures ongoing compliance with applicable standards, contracts, and regulations (e.g., ISO 27001:2022, SOC 2, PCI DSS, Data Privacy Act of 2012, HIPAA as applicable). The officer partners with IT, Security, Operations, Legal, HR, and third parties to keep risk within appetite and audit-ready.


Key Responsibilities


  • Governance & Policy: Maintain and update Information Security & Privacy policies; ensure dissemination and alignment with control frameworks.
  • Risk Management: Conduct periodic enterprise and vendor risk assessments; maintain the Risk Register and oversee mitigation plans.
  • Compliance & Audits: Lead readiness for ISO 27001, SOC 2, and regulatory audits; support client due diligence and gap remediation.
  • Vendor Security: Manage supplier security due diligence, contract reviews, and ongoing risk monitoring.
  • Control Assurance: Validate and monitor key security controls (access, vulnerability, backup, EDR, SIEM, encryption).
  • Training & Awareness: Implement annual security and privacy training; conduct targeted awareness campaigns.
  • Incident Support: Assist in incident response, RCA, and change management reviews.
  • Reporting: Deliver regular GRC dashboards and act as point of contact for audits and client security inquiries.


Qualifications


  • Education: Bachelor’s degree in IT, Information Security, Business, or related field (or equivalent experience).
  • Experience: 3–7+ years in Risk, Audit, Information Security, or Compliance (GRC) roles.
  • Frameworks: Hands-on with at least two — ISO 27001, SOC 2, PCI DSS, NIST CSF, HIPAA, or PH Data Privacy Act.
  • Technical Skills: Strong grasp of access control, vulnerability management, incident response, SIEM, and cloud/SaaS security.
  • Communication: Able to translate technical risk into business impact.

Preferred Certifications: ISO 27001 Lead Implementer/Auditor, CISA, CISM, CRISC, PCI ISA/PCIP, CIPM/CIPT, ITIL, or PH DPO training.

Tools Familiarity: GRC platforms (ServiceNow, OneTrust, Drata), Identity (Azure AD, Okta), SIEM/EDR (Sentinel, Defender), and cloud (Azure/AWS/GCP).

Core Competencies: Risk analysis, control testing, vendor management, policy writing, stakeholder engagement, and project execution.

Success Indicators: Timely audit closures, high control pass rates, risk reduction, strong training compliance, and SLA adherence.

Preview

James Villajuan

RecruiterSterling Global Call Center Inc.

Aktif hari ini

Tempat Bertugas

15, Raffles Corporate Center. Raffles Corporate Center Building, F. Ortigas Jr. Rd, Ortigas Center, Pasig, Metro Manila, Philippines

Disiarkan pada 22 October 2025

Pekerjaan Serupa

Lihat selanjutnya

Sterling Global Call Center Inc.

Tidak Dibiayai

>1000 Pekerja

BPO & Pusat Panggilan

Lihat pengambilan kerja

Laporkan

Peringatan Keselamatan Bossjob

Jika jawatan memerlukan anda bekerja di luar negara, sila berhati-hati dan berhati-hati dengan penipuan.

Jika anda menemui majikan yang mempunyai tindakan berikut semasa pencarian kerja anda, sila laporkan segera

  • menahan ID anda,
  • menghendaki anda memberikan jaminan atau mengumpulkan sesuatu,
  • memaksa anda untuk melabur atau mengumpul dana,
  • mengumpul faedah haram,
  • atau situasi haram yang lain.
Tips
×

Some of our features may not work properly on your device.

If you are using a mobile device, please use a desktop browser to access our website.

Or use our app: Download App