Responsibilities

• Establish, develop, and maintain the company's information security policies, standards, frameworks, and related documentation to align with business requirements, global standards (e.g., PCI DSS, ISO 27001, NIST), and regulatory requirements (e.g., BSP Circular No. 982).
• Conduct periodic reviews and updates to information security policies and documents, ensuring they are current, relevant, and consistent with industry standards and best practices.
• Manage the implementation and ongoing improvement of the Information Security Management System (ISMS) and PCI-DSS certification, including other relevant future certifications.
• Lead and support annual audits, certification initiatives, and compliance documentation updates to secure and maintain necessary security certifications.
• Develop processes and procedures to validate and track compliance with chosen security standards and regulatory requirements.

...