Analyst, Vendor Risk Management

3 weeks ago


Metro Manila Philippines Buscojobs Full time

Analyst Vendor Risk Management

Location: Taguig / Mandaluyong, National Capital Region

Salary: ₱ - ₱

Employer: Bank of Commerce (Philippines)

Posted: 1 day ago

Job Description
  • Oversee employees, consultant, subsidiaries and vendor's compliance with ISPP regarding the security of the Bank's information assets;
  • Monitor the adequacy and effectiveness of the systems of internal control to ensure the systems minimize operations risk and identify exposures while the consequences are still avoidable;
  • Provide effective assessment of risks to ensure the soundness of information technology; and
  • Provide consulting activity to improve the risk management process of the organization.

Job Description (continued):

  • Maintain a good working relationship with unit management and meet with Group Heads or senior Bank management to explain information pertaining to adequacy, effectiveness and efficiency of internal control systems to mitigate the risks identified.
  • Develop and maintain key relationships with professional associations and/or individuals to exchange information on unusual or emerging technical issues and risk engines.
  • Facilitate periodic risk assessments following the ACES and ISRA methodologies of the bank information assets.
  • Conduct or review complex or specialized risk assessment of functions, identify and evaluate risk concerns, recommend mitigating controls and report summary information deficiencies of business and operating units.
  • Recommend strategies and programs in relation to the Bank's Information Security.
  • Provide consulting activities to business and operating units on IT risks and information security issues covering Bank's processes, operating policies and procedures.
  • Ensure adequacy and relevance of Information Security Policies and Procedures; oversee users' adherence to security policy and report breaches to the appropriate authority.
  • Develop or enhance the risk assessment program on information security and privacy matters; provide continuing education and advisory on information security and privacy for Bank personnel.
  • Participate in Business Continuity Planning; assist in facilitating vulnerability assessment and penetration testing exercises conducted by third party consultants and monitor resolution; ensure timely resolution of internal and regulatory findings.
  • Keep abreast of latest information security and privacy regulations and vulnerabilities and new and emerging security technologies; prepare, assist and gather information for management or BROC reporting.

Job Qualifications

  • At least 5-7 years of professional experience in Information Security, IT Risk Management, or related fields.
  • Minimum 2-3 years in a supervisory or leadership role managing risk assessments, audits, or compliance activities.
  • Strong knowledge of information security frameworks (NIST CSF, ISO 27001, CIS Controls).
  • Proficiency in risk management methodologies such as ISRA, RCSA, and SASRA, including risk registers and heatmaps.
Security Risk Assessment Analyst

Posted today

Job Description

General responsibilities include performing risk assessment for in-flight projects, collaborating with project managers and teams on security requirements and risk mitigation, ensuring timely delivery of security assessment reports, monitoring Service Level Objectives, and tracking risk mitigation.

  • Keep abreast of emerging threats and vulnerabilities; provide mentorship and supervision to a pool of Risk Assessment analysts; contribute to continuous process improvement; support assessment tools (e.g., GRC).

Technical competencies include operating systems, networking, cloud basics, IT security domains (NIST, ISO27001, CIS), risk-based assessment approaches, and basic threat modeling (STRIDE).

Qualifications: Bachelor’s degree in Computer Science/Engineering/IT or Accountancy; 4-5 years in Security Risk Management, IT Audit, or IT Security; strong communication and leadership skills; professional certifications (CISA/CISM/CRISC/ISO27000) preferred.

IT Security Risk Assessment Officer

Posted 1 day ago

Location: Metrobank Center, Taguig City

Role overview: Develop and maintain third‑party information security risk management framework aligned with enterprise risk framework; perform third-party security and information asset risk assessments; assess complex processes and networks to identify risks and mitigation strategies.

  • Coordinate security risk assessments across business units; maintain risk registers; track remediation; prepare risk assessment reports for stakeholders.
  • Ensure security policies are up-to-date and that controls are adequate to mitigate information security risk.
Financial Risk Management Manager

Location: Mandaluyong, National Capital Region

Salary: ₱90,000 - ₱120,000

Employer: Remitly

Posted: 1 day ago

Job Description

Lead FRM engagements covering credit, market and liquidity risk; develop/validate models; perform data/risk analytics; collaborate with the team to improve methodologies; support risk decisions.

Qualifications:

  • Intermediate background in mathematics, statistics, or economics; analytical and project management skills; ability to work in cross-functional teams.
  • Minimum 5 years of relevant experience.

Desired skills:

  • Critical thinking, task prioritization, strong communication, ability to drive change, proficiency in MS Office; experience with PM methodologies and R/SAS is a plus.
Financial Risk Management Associate

Posted today

Job Description

Support FRM engagements; assist other service lines; perform administrative tasks and desk research; strong background in mathematics/statistics/data analytics.

Qualifications:

  • Bachelor’s or Master’s in Mathematics, Statistics, Data Analytics, Finance, or related field.
  • Proficiency in statistical tools (R, Python, Tableau, SQL); 2+ years in data analytics or risk management preferred; CFA is a plus; fresh graduates welcome.
Financial Risk Management Senior Associate

Posted today

Job Description

Similar FRM responsibilities as above with emphasis on data analytics and risk modeling; qualifications mirror senior-level experience (3-5 years).

Qualifications:

  • 3-5 years of relevant FRM or risk analytics experience; strong technical and communication skills.
Financial Risk Management Assistant Manager

Posted today

Job Description

FRM engagements across credit, market, and liquidity risk; develop/implement risk models; data analytics.

Qualifications:

  • 4-5 years of experience; bachelor’s in finance/accounting/statistics; MBA or Master’s preferred; strong leadership and communication skills.
Financial Risk Management Senior/Assistant Manager - Additional Details

Location: Mandaluyong / Taguig

Salary ranges provided in postings above; multiple postings consolidated for clarity.

Remitly Enterprise Risk Management - Senior Associate

Location: Mandaluyong, National Capital Region

Posted: Today

Job Description

Enterprise Risk Analyst responsible for development, implementation, and execution of risk management programs; support ERM framework across jurisdictions; perform risk assessments; assist in risk decision making; maintain risk policies and monitoring programs; ensure regulatory compliance and risk controls across organization.

You will:

  • Contribute to ERM framework and risk identification/measures;
  • Perform risk assessments and analyze current risks; identify controls;
  • Coordinate with stakeholders; maintain risk universe; report to leadership;
  • Maintain policies, monitoring programs, risk maps, remediation tracking, and risk reports.

Requirements:

  • Bachelor’s in Finance/Economics/Business Admin or related field.
  • 3-5 years in risk management within financial services; strong regulatory knowledge.
  • Analytical skills; effective communication; data-driven decision making.
#J-18808-Ljbffr

  • Manila, Philippines CloudPay Full time

    CloudPay Manila, National Capital Region, Philippines Overview Join to apply for the Vendor Risk Management Specialist role at CloudPay . CloudPay Manila, National Capital Region, Philippines. 2 days ago Be among the first 25 applicants. Get AI-powered advice on this job and more exclusive features. Direct message the job poster from CloudPay. Talent...


  • , Metro Manila, Philippines Tribute Technology Full time

    3 days ago Be among the first 25 applicants ABOUT TRIBUTE TECHNOLOGY: At Tribute Technology, we make end-of-life celebrations memorable, meaningful, and effortless through thoughtful and innovative technology solutions. Our mission is to help communities around the world celebrate life and pay tribute to those we love. Our comprehensive platform brings...


  • , Metro Manila, Philippines Buscojobs Full time

    Job Overview Multiple postings for roles in Risk Management, Information Security, and Compliance across organizations in the Philippines. Roles include Security Risk Assessment Analyst, IT Security Risk Assessment Officer, Risk Management Officer, Head of Enterprise Risk, and related positions. Typical responsibilities include risk assessments, policy...


  • , Metro Manila, Philippines Buscojobs Full time

    Risk And Compliance Analyst Location: Taguig Posted today Job Description Qualifications: Bachelor's Degree is an advantage - (Computer Science, Information Technology or other relevant fields) Risk management and Information Security Management System auditing experience Knowledge and experience with standards such as ISO 27001, ISO 22301, PCI-DSS and data...


  • Manila, Philippines Chevron Full time

    Overview Vendor Master Analyst role at Chevron. Location: 6750 Building, Makati City, Philippines. Chevron is a leading multinational energy company with operations in over 180 countries. About Chevron: a global energy company committed to responsible and innovative energy solutions. Responsibilities Maintains vendor master records in SAP – PC3-010...


  • , Metro Manila, Philippines Aurecon Full time

    IT Risk and Assurance Manager Join Aurecon as an IT Risk and Assurance Manager to proactively identify and manage risk across all Aurecon technology functions and support information security assurance across critical services. Overview Aurecon seeks a visionary leader to lead, develop, implement, enhance and continually evaluate IT risk management and...

  • Tech Risk Analyst

    5 days ago


    Manila, National Capital Region, Philippines LIMIX IT Solutions Full time

    Limix IT Solutions (LIMIX) is a fast-growing IT outsourcing startup, specializing in delivering innovative software solutions across multiple industries, including finance, cryptocurrency & blockchain technology, AI and beyond. Backed by strong financial investment and a wide range of industry experts, we have quickly scaled our operations to meet the high...

  • Vendor Manager

    1 week ago


    Eastwood, Metro Manila, Philippines INTELASSIST INC. Full time ₱1,200,000 - ₱2,400,000 per year

    Duties and Responsibilities:The Vendor Manager will oversee and drive performance across our outsourced customer service BPO partners located in India and The Philippines. This role is critical in managing day-to-day operations and ensuring our BPO vendors deliver best-in-class customer experiences across voice, chat, and back-office support functions.The...

  • Risk Analyst

    2 weeks ago


    , , Philippines MicroSourcing Full time

    Overview Join to apply for the Risk Analyst role at MicroSourcing . Position: Risk Analyst Why join MicroSourcing? You’ll Have Competitive Rewards: Enjoy above-market compensation, healthcare coverage on day one, plus one or more dependents, paid time-off with cash conversion, group life insurance, and performance bonuses A Collaborative Spirit: Contribute...


  • , Metro Manila, Philippines Buscojobs Full time

    Associate Risk Analyst Conflicts Management Posted 1 day ago Job Description Enhanced Due Diligence (EDD) Investigations Conduct thorough reviews of high-risk customers, including Politically Exposed Persons (PEPs), sanctioned individuals, foreign players, and customers with adverse media hits. Request, collect, and analyze Source of Funds (SOF) and Source...