Information Security Manager

Sodali & Co Manila, National Capital Region, Philippines Sodali & Co is a leading provider of shareholder engagement advisory and governance consulting services to corporate clients around the world. The firm provides corporate boards and executives with strategic advice and services relating to a broad range of activities, including mergers and acquisitions, annual and special meetings, shareholder activism initiatives, multinational cross‑border transactions, sustainability issues and debt restructuring. From headquarters in New York, London, and Sydney with offices in the world’s major capital markets, Sodali & Co serves more than 2,000 corporate clients in over 80 countries. The Opportunity The Information Security Officer will develop, implement, and maintain the information security program, protecting enterprise communications, IT systems, and company and customer assets from internal and external threats. Key Responsibilities Lead the information security function across the company to ensure consistent and high-quality information security management in support of the business goals. Develop, implement, and monitor a comprehensive enterprise information security program that aligns with the strategic plan and best‑in‑class compliance and industry requirements. Maintain ISO 27001, SOC 2 Type¢2, GDPR, and UK Cyber Essentials certification and related activities. Manage annual internal and external penetration testing and remediation. Monitor the external threat environment for emerging threats and advise stakeholders on appropriate actions. Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company’s reputation. Coordinate the development and implementation of incident‑response plans and procedures to ensure business‑critical services are recovered during a security event. Develop, implement, and enhance an up‑to‑date information‑security management framework. Create, implement, and manage confidentiality, data safeguarding, and data‑retention policies and procedures. Develop, maintain, and roll out training and activities for information‑security awareness within the organization. Evaluate security trends, evolving threats, risks, and vulnerabilities and apply tools to mitigate risk as necessary. Provide regular reporting on the security program’s status to stakeholders and facilitate a metrics and reporting framework to measure program efficiency and effectiveness. Role Requirements Experience working in international organizations is an advantage. Demonstrated ability to build successful cybersecurity programs. Expert understanding of cybersecurity concepts, principles, and practices. Unquestionable personal code of ethics, integrity, diversity, and trust. Ability to navigate ambiguity in a fast‑paced environment. Experience with formal risk‑assessment methodologies. In depth understanding of networks, databases, and business applications as they relate to security. Excellent knowledge of vulnerability management tools and solutions. Deep expertise with the Azure platform. Keeps up to date on all matters pertaining to IT security. Knowledge of leading‑practice incident‑management processes. Solution‑driven with a demonstrated ability to meet deadlines and deliver results. Education & Qualifications Bachelor’s degree or equivalent program in Computer Science, Business Information Systems, Information Security, or Information Technology. Relevant professional certification essential: CISSP, CISA, CISM, or CRISC. Minimum 10 years in a senior information‑security or similar role. Excellent knowledge and experience of ISO 27001, SOC 2 Type¢2, and GDPR. Knowledge of risk‑management processes (e.g., methods for assessing and mitigating risk). An Equal Employment Opportunity (EEO) Employer We are an equal‑opportunity employer and are committed to building a diverse and inclusive workplace. We consider all qualified candidates regardless of race, color, religion, creed, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, familial status, caregiver status, pregnancy, reproductive health decisions, veteran status, unemployment status, arrest or conviction record, or any other status protected under federal, state, or local law. Seniority Level Mid‑Senior level Employment Type Full‑time Job Function Information Technology Industries Business Consulting and Services #J-18808-Ljbffr