Show more filters
Banner image for UnionBank

IT Supply Chain Security Risk Manager

UnionBank of the Philippines

3.0
14 reviews
UnionBank
Job Type   /   Job Level
Full-time   /   Others/Any
Company Location
Philippines
Company: Union Bank of the Philippines

Position: IT Supply Chain Security Risk Manager

Job Summary: The Third-Party Security Risk Manager shall be responsible for the third-party risk assessment to ensure that the Bank’s security requirements are met, and that appropriate due diligence and security assessment is conducted in selecting and onboarding third-party service providers.

Duties And Responsibilities

  • Develop, coordinate, plan and execute security assessments of Bank’s third-party contractors and partners focusing on compliance with regulations and applicable standards.
  • Lead the implementation of programs and mechanisms to properly monitor the performance of third-party service providers and assess whether sufficient level of security controls is maintained, and Bank procedures, policies and internal controls are being complied with.
  • Ensure that contracts sufficiently detail information security requirements, particularly for third-party service providers that store, transmit, process, or dispose of customer information.
  • Collaborate with business units and stakeholders to assist in governance structure and oversight of security frameworks of third-party providers in compliance with PCI-DSS, ISO27001, and other applicable standards.
  • Establish and drive security best practice and governance across all third-party risk management activities of the Bank.
  • Work with relevant groups to identify, assess, and document third party relationships, including the regular security review of vendors and critical outsourcing arrangements. Gather input from technical groups to define the baseline security requirements for suppliers and third-party providers based on the service they provide and the frequency of assessments.
  • Identify vendor frameworks and communicate vendor risk concepts to ensure these are reflected in the Bank’s policies, standards, procedures.

Qualifications

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Minimum of 3 years of relevant experience in data security or a related role.
  • Strong knowledge of data protection regulations (e.g., ISO27001, NIST, GDPR).
  • Experience with data security tools and technologies.
  • Excellent analytical and problem-solving skills.
Jobs in Philippines   »   Jobs in Pasig, National Capital Region, Philippines   »   IT Supply Chain Security Risk Manager

More jobs