Analyst, Vendor Risk Management

Analyst Vendor Risk Management

Location: Taguig / Mandaluyong, National Capital Region

Salary: ₱ - ₱

Employer: Bank of Commerce (Philippines)

Posted: 1 day ago

Job Description

• Oversee employees, consultant, subsidiaries and vendor's compliance with ISPP regarding the security of the Bank's information assets;
• Monitor the adequacy and effectiveness of the systems of internal control to ensure the systems minimize operations risk and identify exposures while the consequences are still avoidable;
• Provide effective assessment of risks to ensure the soundness of information technology; and
• Provide consulting activity to improve the risk management process of the organization.

Job Description (continued):

• Maintain a good working relationship with unit management and meet with Group Heads or senior Bank management to explain information pertaining to adequacy, effectiveness and efficiency of internal control systems to mitigate the risks identified.
• Develop and maintain key relationships with professional associations and/or individuals to exchange information on unusual or emerging technical issues and risk engines.
• Facilitate periodic risk assessments following the ACES and ISRA methodologies of the bank information assets.
• Conduct or review complex or specialized risk assessment of functions, identify and evaluate risk concerns, recommend mitigating controls and report summary information deficiencies of business and operating units.
• Recommend strategies and programs in relation to the Bank's Information Security.
• Provide consulting activities to business and operating units on IT risks and information security issues covering Bank's processes, operating policies and procedures.
• Ensure adequacy and relevance of Information Security Policies and Procedures; oversee users' adherence to security policy and report breaches to the appropriate authority.
• Develop or enhance the risk assessment program on information security and privacy matters; provide continuing education and advisory on information security and privacy for Bank personnel.
• Participate in Business Continuity Planning; assist in facilitating vulnerability assessment and penetration testing exercises conducted by third party consultants and monitor resolution; ensure timely resolution of internal and regulatory findings.
• Keep abreast of latest information security and privacy regulations and vulnerabilities and new and emerging security technologies; prepare, assist and gather information for management or BROC reporting.

Job Qualifications

• At least 5-7 years of professional experience in Information Security, IT Risk Management, or related fields.
• Minimum 2-3 years in a supervisory or leadership role managing risk assessments, audits, or compliance activities.
• Strong knowledge of information security frameworks (NIST CSF, ISO 27001, CIS Controls).
• Proficiency in risk management methodologies such as ISRA, RCSA, and SASRA, including risk registers and heatmaps.

Security Risk Assessment Analyst

Posted today

Job Description

General responsibilities include performing risk assessment for in-flight projects, collaborating with project managers and teams on security requirements and risk mitigation, ensuring timely delivery of security assessment reports, monitoring Service Level Objectives, and tracking risk mitigation.

• Keep abreast of emerging threats and vulnerabilities; provide mentorship and supervision to a pool of Risk Assessment analysts; contribute to continuous process improvement; support assessment tools (e.g., GRC).

Technical competencies include operating systems, networking, cloud basics, IT security domains (NIST, ISO27001, CIS), risk-based assessment approaches, and basic threat modeling (STRIDE).

Qualifications: Bachelor’s degree in Computer Science/Engineering/IT or Accountancy; 4-5 years in Security Risk Management, IT Audit, or IT Security; strong communication and leadership skills; professional certifications (CISA/CISM/CRISC/ISO27000) preferred.

IT Security Risk Assessment Officer

Posted 1 day ago

Location: Metrobank Center, Taguig City

Role overview: Develop and maintain third‑party information security risk management framework aligned with enterprise risk framework; perform third-party security and information asset risk assessments; assess complex processes and networks to identify risks and mitigation strategies.

• Coordinate security risk assessments across business units; maintain risk registers; track remediation; prepare risk assessment reports for stakeholders.
• Ensure security policies are up-to-date and that controls are adequate to mitigate information security risk.

Financial Risk Management Manager

Location: Mandaluyong, National Capital Region

Salary: ₱90,000 - ₱120,000

Employer: Remitly

Posted: 1 day ago

Job Description

Lead FRM engagements covering credit, market and liquidity risk; develop/validate models; perform data/risk analytics; collaborate with the team to improve methodologies; support risk decisions.

Qualifications:

• Intermediate background in mathematics, statistics, or economics; analytical and project management skills; ability to work in cross-functional teams.
• Minimum 5 years of relevant experience.

Desired skills:

• Critical thinking, task prioritization, strong communication, ability to drive change, proficiency in MS Office; experience with PM methodologies and R/SAS is a plus.

Financial Risk Management Associate

Posted today

Job Description

Support FRM engagements; assist other service lines; perform administrative tasks and desk research; strong background in mathematics/statistics/data analytics.

Qualifications:

• Bachelor’s or Master’s in Mathematics, Statistics, Data Analytics, Finance, or related field.
• Proficiency in statistical tools (R, Python, Tableau, SQL); 2+ years in data analytics or risk management preferred; CFA is a plus; fresh graduates welcome.

Financial Risk Management Senior Associate

Posted today

Job Description

Similar FRM responsibilities as above with emphasis on data analytics and risk modeling; qualifications mirror senior-level experience (3-5 years).

Qualifications:

• 3-5 years of relevant FRM or risk analytics experience; strong technical and communication skills.

Financial Risk Management Assistant Manager

Posted today

Job Description

FRM engagements across credit, market, and liquidity risk; develop/implement risk models; data analytics.

Qualifications:

• 4-5 years of experience; bachelor’s in finance/accounting/statistics; MBA or Master’s preferred; strong leadership and communication skills.

Financial Risk Management Senior/Assistant Manager - Additional Details

Location: Mandaluyong / Taguig

Salary ranges provided in postings above; multiple postings consolidated for clarity.

Remitly Enterprise Risk Management - Senior Associate

Location: Mandaluyong, National Capital Region

Posted: Today

Job Description

Enterprise Risk Analyst responsible for development, implementation, and execution of risk management programs; support ERM framework across jurisdictions; perform risk assessments; assist in risk decision making; maintain risk policies and monitoring programs; ensure regulatory compliance and risk controls across organization.

You will:

• Contribute to ERM framework and risk identification/measures;
• Perform risk assessments and analyze current risks; identify controls;
• Coordinate with stakeholders; maintain risk universe; report to leadership;
• Maintain policies, monitoring programs, risk maps, remediation tracking, and risk reports.

Requirements:

• Bachelor’s in Finance/Economics/Business Admin or related field.
• 3-5 years in risk management within financial services; strong regulatory knowledge.
• Analytical skills; effective communication; data-driven decision making.

#J-18808-Ljbffr

---