To stay informed about new openings:
    Join our talent community

    Regulatory Engagements Tech. and Cyber / Deputy ICS Practice Lead Manila

    Taguig, Metro Manila, Philippines

    Regulatory Engagements Tech. and Cyber / Deputy ICS Practice Lead Manila

    • 202404524
    • Taguig, Metro Manila, Philippines
    • Full time
    • Closing on: Dec 31 2024

    Description

    This role will have two focus area. Primarily, the person in this role will manage technology and cyber regulatory and external audit engagements in region as well as internationally as prioritized by the function’s lead. This role will also act as deputy to ICS (Information and Cyber Security) practice lead in location (Philippines/Manilla) when required.

    You will work closely with ICS subject matter experts, the ICS group as a whole, executive business management, Internal Audit, Compliance and risk functions, Privacy, Information Technology and other internal key stakeholders. In location you will also partner with location/ country management team as well as HR in order to support ICS team based in Manilla. 

    The Role

    Responsibilities 

    This role will be based in Manilla, being primarily responsible for management of regulatory engagements and external audits/certification as prioritized. Additionally, the role, if required, will also support the delivery of Global Information and Cybersecurity (ICS) operations in the capacity of deputy to ICS Practice lead. 

    Responsibilities of this role will include:

    Regulatory Engagement (Primary role)

    • Deputize, where required, for ICS Regulatory Engagements Lead
    • Collaborate in the developing and shaping Regulatory engagement operating model and standard processes.
    • Devise and upkeep templates and tools to assist in implementing various ICS Regulatory Engagement programs and reporting.
    • Take lead in the implementation, alignment to, maintenance and monitoring of controls following Information Security standard and framework such as NIST, ISF, ISO 27001, PCI-DSS, SOC 1/2, Cyber Essentials, etc.
    • Provide input and assist in shaping and improving Regulatory Engagement operating framework and processes.
    • Collaborate with other functions – global as well as in country – to support both areas of responsibilities for the role. This includes Compliance, Privacy, technology partners, HR, in location/country business management.
    • Work with technology functions to ensure appropriate controls are effectively implemented.
    • Facilitate interfacing, attesting and demonstrating adherence to regulatory requirements with relevant authorities, regulators and external auditors.
    • Proactively maintain visibility and track relevant state and industry laws, regulations and standards in APAC as well as other regions.
    • Support the function in ascertain controls requirement changes based on regulations changes.
    • Collaborate with the process/application/control owners to facilitate and/or devise appropriate action/remediation plans for identified gaps. Monitor and manage the delivery or closure of each identified gaps.
    • Support ICS leadership in hiring processes relevant to the location

    Deputize for ICS practice lead (Additional role - as and when required)

    • Assist with day-to-day operations of ICS team members based in Manilla supporting the ICS Practice lead as required. 
    • Represent ICS in location management meetings and local initiatives.
    • Provide guidance, as deputy to ICS Practice Lead, and help identify right channel for information and cyber security concerns and requirements when required.
    • Lead and mentor a team of ICS professionals in location - providing guidance, performance feedback, and support for their career development. 
    • Collaborate with other functions – global as well as in country – to support both areas of responsibilities for the role. This includes Compliance, Privacy, technology partners, HR, in location/country business management.
    • Ensure implementation and adherence of Information and Cyber security policy and standards.
    • Support ICS leadership in hiring processes relevant to the location if required.

    Qualifications

    The Requirements

    Skills and experience required:

    • Possesses a combination of business, behavioral, and technical leadership skills – ability to navigate in a dynamic and complex organization, translate business requirements and manage stakeholder expectations. 
    • Experience in working in a collaborative environment.
    • Critically, you must be an effective implementer of common controls across multi regulated environment, abreast of relevant laws and regulations as it applies to Information and Cyber Security and IT related requirements, and familiar with different industry standards and best practices for Information and Cyber Security. 
    • Demonstrable experience in analyzing and applying regulatory requirements to security practices.
    • Sound knowledge and experience in managing compliance to technology, cybersecurity and privacy related regulations in APAC such as China Cyber Security Law, Multi-Level Protection Scheme (MLPS 2.0), Monetary Authority of Singapore (MAS) regulations, Insurance Regulatory and Development Authority of India (IRDA) regulations, Australia CPS 234, Bank of Negara’s relevant regulations, OJK of Indonesia relevant regulations, and other  cross-border or data localization related regulations in Asia Pacific.
    • Familiarity with other technology, cybersecurity and privacy regulations such as but not limited to ISO 27001, GDPR, FCA, HIPAA, NYDFS, CCPA, SOX, SOC 1/2 etc.
    • Familiarity with changes and trends in the regulatory landscape.
    • Demonstrable ability to lead and execute across a range of business and functions with differing issues and interests.
    • Sound knowledge in the implementation and compliance to other Information Security industry best practices and standards including but not limited to NIST, ISF, CE+, TISAX, Cobit, PCI-DSS, SOC1/2/3, etc.
    • Sound knowledge on cloud environment, cybersecurity controls and best practices.
    • Strong Project Management skills and experience.
    • Excellent writing, presentation, and communication skills
    • Experience with IT audit functions and IT controls are preferable.
    • Proven ability to work in global collaborative group environment.
    • Experience of working with a high degree of autonomy, managing own workload and delivering to tight timescales
    • Proven excellence in PPT presentations for reporting process metrics and delivering KPI’s.
    • Excellent analytical problem-solving skills
    • Experience of working in a regulated environment, not necessarily insurance or financial services are preferable.

    Behaviors:

    • Management skills including management of performance evaluations
    • You must also be an excellent communicator, a supportive team player, resourceful, independent and adaptive to change.
    • Ability to work under pressure and to resolve issues effectively
    • Strong desire to continue to learn.
    • Resourcefulness and organisational agility.
    • Global team player with good interpersonal and influencing skills.
    • Customer Focus/ Relationship Management.
    • Personal learning.
    • Organized and methodical.
    • Integrity and Trust.

    Qualifications:

    • Qualified to degree level, in IT or security related subject.
    • At least 10+ years’ work experience in Information Security.
    • Information security certifications (e.g. CISSP, CCSP, CISA, CRISC, CISM, ISO 27001 LA) are preferable.
    • Fluent in English language, both verbal and writing, is required.
    • Ability to speak other Asian Non-English language is preferred.

    WTW is an Equal Opportunity Employer

    Apply Now

    Not You?

    Thank you

    Unsolicited Contact

    Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Willis Towers Watson are considered property of Willis Towers Watson and are not subject to payment of agency fees. In order to be an authorized Recruitment Agency/Search Firm for Willis Towers Watson, any such agency must have an existing formal written agreement signed by an authorized Willis Towers Watson recruiter and an active working relationship with the organization. Resumes must be submitted according to our candidate submission process, which includes being actively engaged on the particular search. Likewise, for our authorized Recruitment Agencies/Search Firms, if the candidate submission process is not followed, no agency fees will be paid by Willis Towers Watson. Willis Towers Watson is an equal opportunity employer. If you would like to have your contact information saved for future consideration, please email: Agency.inquiries@willistowerswatson.com.

    Our Offices

    Our colleagues serve more than 140 countries and markets around the world. This gives a global dimension to everything we do and creates lots of exciting opportunities for you to collaborate and grow. Explore the map below to see where you career could take you.

    Meet our people