Information Security Manager

Sodali & Co Manila, National Capital Region, Philippines

Sodali & Co is a leading provider of shareholder engagement advisory and governance consulting services to corporate clients around the world. The firm provides corporate boards and executives with strategic advice and services relating to a broad range of activities, including mergers and acquisitions, annual and special meetings, shareholder activism initiatives, multinational cross‑border transactions, sustainability issues and debt restructuring. From headquarters in New York, London, and Sydney with offices in the world’s major capital markets, Sodali & Co serves more than 2,000 corporate clients in over 80 countries.

The Opportunity

The Information Security Officer will develop, implement, and maintain the information security program, protecting enterprise communications, IT systems, and company and customer assets from internal and external threats.

Key Responsibilities

• Lead the information security function across the company to ensure consistent and high-quality information security management in support of the business goals.
• Develop, implement, and monitor a comprehensive enterprise information security program that aligns with the strategic plan and best‑in‑class compliance and industry requirements.
• Maintain ISO 27001, SOC 2 Type¢2, GDPR, and UK Cyber Essentials certification and related activities.
• Manage annual internal and external penetration testing and remediation.
• Monitor the external threat environment for emerging threats and advise stakeholders on appropriate actions.
• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company’s reputation.
• Coordinate the development and implementation of incident‑response plans and procedures to ensure business‑critical services are recovered during a security event.
• Develop, implement, and enhance an up‑to‑date information‑security management framework.
• Create, implement, and manage confidentiality, data safeguarding, and data‑retention policies and procedures.
• Develop, maintain, and roll out training and activities for information‑security awareness within the organization.
• Evaluate security trends, evolving threats, risks, and vulnerabilities and apply tools to mitigate risk as necessary.
• Provide regular reporting on the security program’s status to stakeholders and facilitate a metrics and reporting framework to measure program efficiency and effectiveness.

Role Requirements

Education & Qualifications

An Equal Employment Opportunity (EEO) Employer

We are an equal‑opportunity employer and are committed to building a diverse and inclusive workplace. We consider all qualified candidates regardless of race, color, religion, creed, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, familial status, caregiver status, pregnancy, reproductive health decisions, veteran status, unemployment status, arrest or conviction record, or any other status protected under federal, state, or local law.

Seniority Level

Employment Type

Job Function

Industries

#J-18808-Ljbffr