The Information Security and Privacy Analyst shall be responsible in developing, documenting Shopee Philippines risk assessment, privacy impact assessment, business impact analysis, information security and data privacy. This includes educating, coaching, process review and internal auditing.
Roles and Responsibilities
- Evaluate process from information security risks and data privacy breaches to assess the effectiveness of existing internal controls.
- Build and maintain an inventory of the location of the key personal data storage or personal data flows in compliance to the data privacy.
- Develop and maintain an effective information security, data privacy incident and breach management program that meets legal requirements and addresses operational risk.
- Develop and monitor organization practices to identify new processes or material changes to existing processes and ensure implementation of Privacy by design principles.
- Perform other similar and related duties as required or directed
- Graduate of any Engineering Course, Computer Science or any IT related course.
- Must have an experience in assessing and documenting control environments showing key processes, systems and key controls.
- Knowledgeable to FMEA to review risk and establish controls.
- Knowledgeable on the implementing rules and regulation of Data Privacy Act of 2012 as given by National Privacy Commission.
- Must be proficient in MS Office Applications.
- Must have at least 1 to 2 years in assessing Information Security Risk and Privacy Risks anchored on the ISMS Framework (ISO 27001).
- Must have at least 1 to 2 years’ experience in Internal and External Audit.
- Must have an understanding on Continuous Improvement principles.
- Must have a good presentation skills.
- Must be keen on details.
- Must have the ability to work as a team member and independently.
- Can work within the set timelines.