Security Risk and Compliance Officer (Hybrid)

Cebu, Cebu
Posted 2 days ago
Company:
KMC Solutions
Company Description:
Work with Us. Grow with Us. KMC Solutions offers a variety of career opportunities in Metro Manila, Cebu and Clark & Iloilo. We are always looking for talented and enthusiastic individuals who are ready to make their next big career move. Our Culture At KMC, we foster an inclusive and positive workplace for all. We push our members to succeed in everything they do through our collaborative work environment. We encourage our community to work hard and reach their full potential while delivering results that matter for our members and you as professionals. We host amazing and quality events and implement people-centric policies to work flexibly. We ensure that everyone in our expansive network is engaged, from our internal employees and those who work on behalf our offshore partners. Life within KMC: Work Hard Party Harder At KMC, we work hard and we are committed to putting our best foot forward in everything we do. Everyone is encouraged to be an individual while also working for the collective good of the KMC Community. We believe mistakes are opportunities and that you should not present a solution without a problem. We also know when hard work deserves to be recognized so we reward our employees with monthly parties, free trips and much much more!
Contract Type:
Full Time
Experience Required:
5 to 10 years
Education Level:
Bachelor’s Degree
Number of vacancies:
1

Job Description

Make your next big career move by applying as KMC Solutions' next SECURITY RISK AND COMPLIANCE OFFICER!

The Information Security and Data Privacy O:icer (ISDPO) is responsible for ensuring the confidentiality, integrity, and availability of sensitive information and data within the organization. The ISDPO will develop, implement, and maintain information security and data privacy policies, procedures, and controls to ensure compliance with relevant regulations, standards, and industry best practices. The ISDPO will also serve as a subject matter expert on HIPAA, SOC II, GDPR, and other compliance requirements.



On top of your salary, here are the exciting benefits you can look forward to:
• Health Insurance/HMO
• Enjoy unlimited MadMax Coffee
• Diverse learning & growth opportunities
• Accessible Cloud HR platform (Sprout)
• Above standard leaves
• Miscellaneous allowance
• Loans


The main responsibilities of a SECURITY RISK AND COMPLIANCE OFFICER include:
• Compliance and Risk Management:
○ Develop and maintain a comprehensive information security and data privacy program that ensures compliance with HIPAA, SOC II,
GDPR, and other relevant regulations and standards.
○ Identify and assess information security and data privacy risks, and develop strategies to mitigate or remediate those risks.
○ Conduct regular risk assessments and vulnerability assessments to identify potential security threats and weaknesses.

• Policy and Procedure Development:
○ Develop, implement, and maintain information security and data privacy policies, procedures, and standards that align with industry best practices and regulatory requirements.
○ Ensure that all policies and procedures are reviewed, updated, and approved on a regular basis.

• Incident Response and Management:
○ Develop and maintain an incident response plan that outlines procedures for responding to security breaches, data breaches, and
other security incidents.
○ Coordinate incident response activities, including containment, eradication, recovery, and post-incident activities.
○ Conduct incident response training and awareness programs for employees.

• Security Awareness and Training:
○ Develop and implement security awareness and training programs for employees, including phishing simulations, security training,
and data privacy training.
○ Ensure that all employees understand their roles and responsibilities in maintaining information security and data privacy.

• Audit and Compliance:
○ Conduct regular audits and assessments to ensure compliance with information security and data privacy policies, procedures, and
regulations.
○ Identify and report any non-compliance issues to management and recommend corrective actions.

• Vendor Management:
○ Develop and maintain vendor management policies and procedures that ensure vendors meet information security and
○ Conduct vendor risk assessments and due diligence to ensure vendors are compliant with relevant regulations and standards.

• Data Privacy:
○ Develop and maintain data privacy policies and procedures that ensure compliance with GDPR, HIPAA, and other relevant
regulations.
○ Conduct data privacy impact assessments and risk assessments to identify potential data privacy risks.

• Communication and Collaboration:
○ Serve as a liaison between the IT department, business units, and other stakeholders to ensure e:ective communication and
collaboration on information security and data privacy matters.
○ Provide guidance and support to employees on information security and data privacy best practices.

• Staying Current with Industry Developments:
○ Stay up-to-date with the latest industry developments, trends, and best practices in information security and data privacy.
○ Participate in industry conferences, webinars, and training programs to stay current with emerging threats and technologies


To apply, you must be an expert on the following requirements:
• A Bachelor’s degree in Computer Science, Information Assurance, or a related field.
• At least 5 years of experience in information security, data privacy, or a related field.
• Strong expertise in HIPAA, SOC II, GDPR, and other key regulations and industry standards.
• Hands-on experience with security and privacy frameworks such as NIST, ISO 27001, and COBIT.
• Analytical mindset with excellent problem-solving skills.
• Great communicator with strong interpersonal skills—able to explain complex security concepts to both technical and non-technical •
audiences.
• Ability to thrive in a fast-paced environment, managing multiple tasks and projects effectively.
• Certifications such as CISSP, CISM, or CIPP are a plus!
• Bonus points if you have experience in the BPO industry and have helped set up compliance frameworks.


Work setup: Hybrid | Night shift
Location: Cebu IT Park
Salary:
₱100,000.00 Monthly
Apply Now
Report this Job Ad

Similar Jobs to Security Risk and Compliance Officer (Hybrid)

Line Compliance Officer (Insurance)
Cebu City, Cebu
Quess Philippines Corp.
GY: 8pm-5am if no audit exp - college graduate - at least 1-2 yrs BPO...
Lead Assistant Manager - Compliance (Insurance)
Cebu City, Cebu
Quess Philippines Corp.
GY: 8pm-5am with audit expr - completed 2 yr college 3 yrs experience preferably incompliance,...
Training Manager
Cebu, Cebu
Gratitude
Job title: Training Manager Work location: Cebu Work set up and schedule: Onsite (possibility of...
Branch Recruitment and Services Specialist
Cebu, Cebu
TASQ Staffing Solutions
Work Arrangement: Onsite Work Set-up Main Responsibility: To provide overall marketing, sales, technical and administrative...
Quality Assistant Manager
Cebu, Cebu
Gratitude
Job title: Quality Assistant Manager-Insurance-EBU Work location: Cebu Work set up and schedule: Onsite and...
Corporate Governance Officer / Digital Bank
Taguig, National Capital Region
MKIT (HONG KONG) HOLDINGS LIMITED
Brief Description: The Corporate Governance Officer is responsible for assisting the Chief Compliance Officer in...

Related Searches

Jobs in National Capital Region
Security Jobs
Data Jobs
Compliance Jobs
Information Security Jobs
Training Jobs
Management Jobs
Hybrid Jobs