Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation! G ka ba? Join the G Nation today!
About the Role:
We are seeking an experienced and motivated Third-Party Security Management Lead to elevate our program and ensure compliance, cybersecurity risk management, and operational excellence. As the Third-Party Security Management Lead, you will be responsible for overseeing the security assessments and risk mitigation strategies for our third-party relationships. This role combines strategic thinking with hands-on problem-solving, and you’ll have the opportunity to work cross-functionally with external parties, legal, compliance, business, and IT teams. Your leadership will directly contribute to protecting our business assets and ensuring our partners uphold the same security standards we do.
Key Responsibilities:
Organize and manage the completion of third party cybersecurity risk assessments and closure of identified risks
Conduct thorough cybersecurity risk assessments of third parties, providing risk identification, analysis and recommended controls
Act as a security consultant for projects and initiatives involving third parties.
Provide leadership and mentorship to a team of security analysts.
Present and report cybersecurity items to key stakeholders
Collaborate with procurement, legal, and other key teams to ensure contractual security obligations are met.
Develop and implement continuous improvement initiatives to enhance third-party security management process
What We’re Looking For:
Minimum of 3 years of proven experience in Information Security Risk Management, IT Risk Management, or IT Audit, demonstrating a strong foundation in managing security risks in a dynamic environment.
In-depth knowledge of Third-Party CyberSecurity Risk Management, with a solid track record of performing thorough risk assessments and developing mitigation strategies.
Comprehensive understanding of information security frameworks and controls, particularly those based on industry standards such as ISO 27001, NIST, PCI DSS, CIS, etc. ensuring alignment with best practices.
Working knowledge and exposure with security technologies, including encryption, Data Loss Prevention (DLP), firewalls, and Identity Access Management (IAM) solutions, contributing to a well-rounded technical skill set.
Exposure to emerging areas such as cloud security and AI security, with the ability to adapt to evolving cybersecurity trends and technologies.
Exceptional communication skills, both written and verbal, with the ability to convey complex technical information to diverse audiences, including senior leadership, third-party vendors, and cross-functional teams.
Strong organizational capabilities, with a proven ability to manage multiple priorities, work efficiently under pressure, and maintain attention to detail while meeting deadlines.
A strategic thinker with the capacity to build and nurture collaborative relationships with key internal stakeholders and third parties, driving alignment across departments.
Certification in Information Security or Risk Management (e.g., CISSP, CISA) is highly desirable and will be considered a strong asset.
What We Offer
Opportunity for career growth and development in the #1 FinTech company in the country Working with a dynamic and highly collaborative team who want to change the game A company that values their people with highly competitive and flexible compensation and benefits package