Risk and Compliance Manager

Risk and Compliance Manager Hoya Makati, National Capital Region, Philippines Founded in 1941 in Tokyo, Japan, Hoya is a global med-tech company, and a leading supplier of innovative high-tech and medical products. Hoya is active in the fields of healthcare and information technology providing eyeglasses, medical endoscopes, intraocular lenses, optical lenses as well as key components for semiconductor devices, LCD panels and HDDs. With about 160 offices and subsidiaries worldwide, Hoya currently employs a multinational workforce of about 38,000 people. Job Purpose To protect and enhance the organization’s digital systems and processes by developing and implementing strategies, policies, and procedures that mitigate risks and ensure business continuity during disruptive events. Collaborate with cross-functional teams to identify, assess, and prioritize digital related risks, while ensuring compliance with industry standards and regulations. By developing comprehensive digital system recovery plans, coordinating recovery efforts, and fostering stakeholder engagement this role will play a pivotal role in safeguarding the organization’s systems and data and minimizing interruptions to operations. Job Responsibilities Conducts risk assessments for various departments and functions, analyzing potential business impact due to loss of digital systems Identify, analyze, and evaluate digital systems and data related risks, including potential threats, vulnerabilities, and impacts on business continuity Develop and implement risk mitigation strategies and controls to minimize the likelihood and impact of disruptions Conduct regular risk assessments and gap analyses to identify emerging risks and recommend appropriate risk treatment measures Monitor and report on risk indicators and metrics to ensure proactive risk management Align recovery time and point objectives with requirements from the business and technical/financial viability for critical systems Ensure system specific recovery playbooks for critical digital systems are designed, documented and maintained by the relevant technical teams, and capable to support the agreed recovery time, and point objectives Develop comprehensive continuity plans with the business that defines how they will continue to operate while system recovery is ongoing; reviews, revises, and expands existing plans and protocols Ensure business continuity plans are developed, owned and maintained by business stakeholders Conduct regular tests, drills, and exercises to validate the effectiveness of system recovery plans and identify areas for improvement Stay up to date with relevant industry standards, best practices, and regulatory requirements related to IT risk management and business continuity Ensure compliance with applicable laws, regulations, and contractual obligations Conduct periodic audits and assessments to evaluate compliance Implement corrective actions for compliance gaps Collaborate with internal stakeholders, including IT teams, executive management, and business units, to understand their requirements and align risk management and business continuity initiatives with organizational goals Provide guidance and support to business units during the development and implementation of business continuity plans Act as a subject matter expert on IT risk management and business continuity, providing training and awareness programs to enhance the organization’s overall resilience Develops (with support from vendor) and provides staff training on risk management/business continuity and disaster recovery Support the Group IT Director, Head of Security in the definition of the strategic orientations of digital risk management at Hoya Participates in the organization’s business continuity planning together with HSE, Risk to align the organizations emergency management plan with established best practices Education/Training Qualifications University degree/College diploma in the field of computer science and/or information security Experience 10+ years’ experience, preferably with a background in IT Operations and Risk governance process Proven experience developing and implementing IT business continuity plans and strategies Excellent strategic, problem solving, and analytical skills Background in hypothetical situations and concepts and to identify risks and weaknesses in various business processes Ability to collaborate with others to develop an emergency plan Strong knowledge of IT risk management frameworks, such as ISO 27001, NIST Cybersecurity Framework, or COBIT Familiarity with relevant regulatory requirements (e.g., GDPR, HIPAA, SOX) and industry standards (e.g., PCI DSS) Excellent analytical and problem-solving skills, with the ability to assess and prioritize risks effectively Strong communication and interpersonal skills to collaborate with stakeholders at all levels Experience in incident response and crisis management is preferred Professional certifications such as CBCP or CISSP are a plus Creation, management or administration of policies and processes with superior written and verbal communication skills Internal Relationships Hoya BCM Sponsors, CEO’s office, IT Security Committee, IT Audit, Internal Control, Risk, etc. External Relationships 3rd party vendor (e.g., SOC) and external auditor, local regulation authorities Education/Training Qualifications University degree/College diploma in the field of computer science and/or information security Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Industries Medical Device and Technology Information and Media Referrals increase your chances of interviewing at Hoya by 2x Get notified about new Risk Compliance Manager jobs in Makati, National Capital Region, Philippines. Makati, National Capital Region, Philippines 2 days ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr