• Digital Banking
  • Our App
  • Promotions
  • Our DNA
  • Financial Literacy Articles
  • Help & Support
Our Products
Our Partners
Latest Promotions
Careers Page
Financial Essentials
Digital Banking with CIMB
Security Tips

Job Description

  • Design and implement security strategies
  • Design and implement security objectives aligned with business objectives of the organization
  • Implement the information security / technology / cybersecurity framework of the Bank relevant to the function of Technology department
  • Oversee the execution of periodic vulnerability assessment and penetration testing activity, both internal and in coordination with third party.
  • Lead the security awareness activities in the Technology Department as stated in the information security awareness program
  • Oversee the assesssment of applicability of information security threat advisories coming from various sources (e.g., BAPCID, Security Operations Center, Threat Intelligence organizations), determine existing mitigating controls and suggest action plans, as needed
  • Lead the conduct of various risk assessments for Technology Department (e.g., RCSA, Information Security Risk Assessment, IT Risk Assessment)
  • Oversee the performance of periodic control effectiveness testing / compliance testing of the Technology department on information security controls (e.g., patch management, user access review)
  • Collaborate with other Technology Department (e.g., IT Operations, IT Service Delivery) ensuring that industry accepted security practices are implemented
  • Maintain effective relationships with key stakeholders within and outside the organisation with respect to information security and other standards
  • To provide on time and appropriate reports to senior management team including management review meets
  • Forms a ‘Centre of Excellence’ on Information security to offer internal consulting services.


  • Knowledge of Bangko Sentral ng Pilipinas (BSP) Circular 982, Data Protection Act 2012, Payment Card Industry Data Security Standards and Law of Secrecy of Bank Deposits
  • Bachelor of Science in Information Technology or equivalent from reputed International Institute (preferably specialisation in IT/Operations/TQM)
  • 10-15 years of experience out of which 8-10 years in Information Security and other frameworks like ISO 27001, NIST, PCI DSS, SOX, SSAE…
  • Currently working in the capacity of Information Security Manager or higher
  • PMP certified / Prince 2 or strong project management skills (Preferred)
  • Knowledge of Information Security Risk Management and risk mitigation is a must
  • Certified Auditor for International standards and frameworks desirable
  • Experience in minimum of 2 project implementations on ISO standards (ISO 9001, ISO 20000, ISO 27001)
  • Information security management qualifications such as CISSP or CISM 
  • Cloud security or cyber security certifications preferred
  • Able to interact with C-level professionals and translate their requirements into deliverables
  • Strong presentation and excellent communication skills required
  • Should have experience working with global and diverse teams/client

Go Beyond Banking with CIMB Bank

Download the all-new CIMB Bank PH app and enjoy an enhanced digital banking experience that's fast, easy, and more convenient than ever!