Analyst, Vendor Risk Management

17 hours ago


Metro Manila Philippines Buscojobs Full time

Analyst Vendor Risk Management

Location: Taguig / Mandaluyong, National Capital Region

Salary: ₱ - ₱

Employer: Bank of Commerce (Philippines)

Posted: 1 day ago

Job Description
  • Oversee employees, consultant, subsidiaries and vendor's compliance with ISPP regarding the security of the Bank's information assets;
  • Monitor the adequacy and effectiveness of the systems of internal control to ensure the systems minimize operations risk and identify exposures while the consequences are still avoidable;
  • Provide effective assessment of risks to ensure the soundness of information technology; and
  • Provide consulting activity to improve the risk management process of the organization.

Job Description (continued):

  • Maintain a good working relationship with unit management and meet with Group Heads or senior Bank management to explain information pertaining to adequacy, effectiveness and efficiency of internal control systems to mitigate the risks identified.
  • Develop and maintain key relationships with professional associations and/or individuals to exchange information on unusual or emerging technical issues and risk engines.
  • Facilitate periodic risk assessments following the ACES and ISRA methodologies of the bank information assets.
  • Conduct or review complex or specialized risk assessment of functions, identify and evaluate risk concerns, recommend mitigating controls and report summary information deficiencies of business and operating units.
  • Recommend strategies and programs in relation to the Bank's Information Security.
  • Provide consulting activities to business and operating units on IT risks and information security issues covering Bank's processes, operating policies and procedures.
  • Ensure adequacy and relevance of Information Security Policies and Procedures; oversee users' adherence to security policy and report breaches to the appropriate authority.
  • Develop or enhance the risk assessment program on information security and privacy matters; provide continuing education and advisory on information security and privacy for Bank personnel.
  • Participate in Business Continuity Planning; assist in facilitating vulnerability assessment and penetration testing exercises conducted by third party consultants and monitor resolution; ensure timely resolution of internal and regulatory findings.
  • Keep abreast of latest information security and privacy regulations and vulnerabilities and new and emerging security technologies; prepare, assist and gather information for management or BROC reporting.

Job Qualifications

  • At least 5-7 years of professional experience in Information Security, IT Risk Management, or related fields.
  • Minimum 2-3 years in a supervisory or leadership role managing risk assessments, audits, or compliance activities.
  • Strong knowledge of information security frameworks (NIST CSF, ISO 27001, CIS Controls).
  • Proficiency in risk management methodologies such as ISRA, RCSA, and SASRA, including risk registers and heatmaps.
Security Risk Assessment Analyst

Posted today

Job Description

General responsibilities include performing risk assessment for in-flight projects, collaborating with project managers and teams on security requirements and risk mitigation, ensuring timely delivery of security assessment reports, monitoring Service Level Objectives, and tracking risk mitigation.

  • Keep abreast of emerging threats and vulnerabilities; provide mentorship and supervision to a pool of Risk Assessment analysts; contribute to continuous process improvement; support assessment tools (e.g., GRC).

Technical competencies include operating systems, networking, cloud basics, IT security domains (NIST, ISO27001, CIS), risk-based assessment approaches, and basic threat modeling (STRIDE).

Qualifications: Bachelor’s degree in Computer Science/Engineering/IT or Accountancy; 4-5 years in Security Risk Management, IT Audit, or IT Security; strong communication and leadership skills; professional certifications (CISA/CISM/CRISC/ISO27000) preferred.

IT Security Risk Assessment Officer

Posted 1 day ago

Location: Metrobank Center, Taguig City

Role overview: Develop and maintain third‑party information security risk management framework aligned with enterprise risk framework; perform third-party security and information asset risk assessments; assess complex processes and networks to identify risks and mitigation strategies.

  • Coordinate security risk assessments across business units; maintain risk registers; track remediation; prepare risk assessment reports for stakeholders.
  • Ensure security policies are up-to-date and that controls are adequate to mitigate information security risk.
Financial Risk Management Manager

Location: Mandaluyong, National Capital Region

Salary: ₱90,000 - ₱120,000

Employer: Remitly

Posted: 1 day ago

Job Description

Lead FRM engagements covering credit, market and liquidity risk; develop/validate models; perform data/risk analytics; collaborate with the team to improve methodologies; support risk decisions.

Qualifications:

  • Intermediate background in mathematics, statistics, or economics; analytical and project management skills; ability to work in cross-functional teams.
  • Minimum 5 years of relevant experience.

Desired skills:

  • Critical thinking, task prioritization, strong communication, ability to drive change, proficiency in MS Office; experience with PM methodologies and R/SAS is a plus.
Financial Risk Management Associate

Posted today

Job Description

Support FRM engagements; assist other service lines; perform administrative tasks and desk research; strong background in mathematics/statistics/data analytics.

Qualifications:

  • Bachelor’s or Master’s in Mathematics, Statistics, Data Analytics, Finance, or related field.
  • Proficiency in statistical tools (R, Python, Tableau, SQL); 2+ years in data analytics or risk management preferred; CFA is a plus; fresh graduates welcome.
Financial Risk Management Senior Associate

Posted today

Job Description

Similar FRM responsibilities as above with emphasis on data analytics and risk modeling; qualifications mirror senior-level experience (3-5 years).

Qualifications:

  • 3-5 years of relevant FRM or risk analytics experience; strong technical and communication skills.
Financial Risk Management Assistant Manager

Posted today

Job Description

FRM engagements across credit, market, and liquidity risk; develop/implement risk models; data analytics.

Qualifications:

  • 4-5 years of experience; bachelor’s in finance/accounting/statistics; MBA or Master’s preferred; strong leadership and communication skills.
Financial Risk Management Senior/Assistant Manager - Additional Details

Location: Mandaluyong / Taguig

Salary ranges provided in postings above; multiple postings consolidated for clarity.

Remitly Enterprise Risk Management - Senior Associate

Location: Mandaluyong, National Capital Region

Posted: Today

Job Description

Enterprise Risk Analyst responsible for development, implementation, and execution of risk management programs; support ERM framework across jurisdictions; perform risk assessments; assist in risk decision making; maintain risk policies and monitoring programs; ensure regulatory compliance and risk controls across organization.

You will:

  • Contribute to ERM framework and risk identification/measures;
  • Perform risk assessments and analyze current risks; identify controls;
  • Coordinate with stakeholders; maintain risk universe; report to leadership;
  • Maintain policies, monitoring programs, risk maps, remediation tracking, and risk reports.

Requirements:

  • Bachelor’s in Finance/Economics/Business Admin or related field.
  • 3-5 years in risk management within financial services; strong regulatory knowledge.
  • Analytical skills; effective communication; data-driven decision making.
#J-18808-Ljbffr

  • Southern Manila District, Philippines BlueVoyant Full time

    Overview Analyst, Vendor Risk Management . Location: Remote. United States Citizenship Required. The Analyst, Vendor Risk Management will work with clients to identify client supply chain risk and cybersecurity challenges, advise on best practices in vendor risk management, and ensure successful delivery of BlueVoyant solutions to solve customer problems....


  • , Ilocos Sur, Philippines Buscojobs Full time

    Data Analyst - Product Management (Taguig, Aspiree Inc.) Posted today Job Description OVERALL RESPONSIBILITY The Product Management Analysts are critical players in the Product Management team. The Product Management team is responsible for the in-depth analysis of the performance of products, services, channels, and processes, and then stimulating...


  • , Metro Manila, Philippines Bill Gosling Outsourcing Full time

    Overview Vendor Management Analyst at Bill Gosling Outsourcing. The role involves onboarding and offboarding vendors, managing procurement processes, overseeing vendor performance, and ensuring compliance with contractual obligations and data privacy requirements. This position offers the opportunity to work in a global, fast-paced environment,...

  • Risk Analyst

    2 weeks ago


    , Metro Manila, Philippines MicroSourcing Full time

    Join to apply for the Risk Analyst role at MicroSourcing Shift: Onsite | Dayshift Overview Discover your 100% YOU with MicroSourcing! This role involves risk and data analysis to support budgeting, pricing, and decision-making related to vehicle fleets and associated costs. Responsibilities Research new vehicle models and create maintenance and tyre...


  • , Metro Manila, Philippines GCash Full time

    Join to apply for the Portfolio Risk Analyst role at GCash Join to apply for the Portfolio Risk Analyst role at GCash Do you want to take the first step in making Filipinos’ lives better everyday? Here in GCash we want to stay at the forefront of the FinTech industry by creating innovative, meaningful, and convenient financial solutions for the nation!...


  • , Metro Manila, Philippines Buscojobs Full time

    Job Overview Multiple postings for roles in Risk Management, Information Security, and Compliance across organizations in the Philippines. Roles include Security Risk Assessment Analyst, IT Security Risk Assessment Officer, Risk Management Officer, Head of Enterprise Risk, and related positions. Typical responsibilities include risk assessments, policy...


  • , Metro Manila, Philippines Buscojobs Full time

    Risk And Compliance Analyst Location: Taguig Posted today Job Description Qualifications: Bachelor's Degree is an advantage - (Computer Science, Information Technology or other relevant fields) Risk management and Information Security Management System auditing experience Knowledge and experience with standards such as ISO 27001, ISO 22301, PCI-DSS and data...


  • Manila, National Capital Region, Philippines Bill Gosling Outsourcing Full time

    OverviewVendor Management Analyst at Bill Gosling Outsourcing. The role involves onboarding and offboarding vendors, managing procurement processes, overseeing vendor performance, and ensuring compliance with contractual obligations and data privacy requirements. This position offers the opportunity to work in a global, fast-paced environment, collaborating...


  • Manila, National Capital Region, Philippines Bill Gosling Outsourcing Full time

    Overview Vendor Management Analyst at Bill Gosling Outsourcing. The role involves onboarding and offboarding vendors, managing procurement processes, overseeing vendor performance, and ensuring compliance with contractual obligations and data privacy requirements. This position offers the opportunity to work in a global, fast-paced environment,...


  • Manila, Philippines Bill Gosling Outsourcing Full time

    Overview We are seeking a highly motivated and detail-oriented Vendor Management Analyst to join our dynamic team. The ideal candidate will play a crucial role in onboarding and offboarding vendors, managing procurement processes, overseeing vendor performance, and ensuring compliance with contractual obligations and data privacy requirements. This position...