
Senior GRC Analyst (TGSA - 9)

DAY SHIFT | Full time | Makati Office (Hybrid setup) | Iloilo Office (Onsite)

Why Cooee

Because we believe in the power of human connection. Because we are committed to flourishing human potential. Because we dream of a world where each one of us walks along the path to who we are and the best that we can be. This is why we do what we do – ‘To be a part of transformation one person, one community, one business at a time.’


We are One Team committed to investing in relationships fueled by trust and anchored on the One Shared Vision ‘to transform through connection’. We believe this is where the strength of Cooee and our partnerships lies – in having clarity and conviction in purpose.


About the Role

As a Senior GRC Analyst on the Security Engineering team, you will be responsible for developing and implementing internal policies, procedures, and controls to manage risks and ensure compliance with industry standards and regulations. You will play a key role in overseeing security audit and governance management, conducting risk assessments, and identifying potential risks. Additionally, you will maintain and evolve the integrated cybersecurity contracts framework and programs.


What you'll be working on

  • Develop and implement internal policies, procedures, and controls to manage risks and ensure compliance with industry standards and regulations.

  • Oversee security audit and governance management: optimize year-round compliance, audit and regulatory efforts.

  • Manage and support annual SOC 2 and global ISO 27001 audits.

  • Support security operations processes, such as ensuring that strong processes are implemented and followed for resolving vulnerabilities and CVEs, and responding to security incidents.

  • Conduct risk assessments and identify potential risks.

  • Facilitate governance and track remediation for vulnerabilities and deficiencies, and establish and implement resolutions based on risk impact and criticality.

  • Effectively communicate program execution status, key accomplishments, and risks to senior management both within Security and to our business partners.

  • Support customer inquiries and discussions, creating clarity, transparency, and confidence in our security and compliance posture.

  • Review, negotiate, and redline contracts, including Data Protection Agreements (DPAs), with third-party vendors, partners, and customers to ensure data privacy and protection.

  • Maintain and evolve our integrated cybersecurity controls framework and programs.


What we're looking for

  • The ability to work in a fast-paced and constantly evolving environment.

  • Strong technical background with a good understanding of security concepts and practical usage in Network Engineering, Network Security, Threat and Vulnerability Management, Database, SDLC, and Release Management.

  • Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as ISO 27001, SOC, HIPAA, HITRUST, and FedRAMP.

  • Proficient in public cloud-based platforms such as AWS, Azure, and GCP as well as monitoring tools such as CSPM, Vulnerability Scanning, Log Ingestion/SIEM.

  • Experience implementing controls in Infrastructure as a Service (IaaS) cloud environments.

  • Excellent communication skills and ability to explain complex technology to diverse audiences across varying technical and business backgrounds in a way that fosters understanding and ownership.


Benefits

✅ HMO on 1st day

✅ Government Benefits

✅ Paid recommendation program

✅ Holistic employee experience

✅ Weekly engagement activities

✅ Quarterly appreciation program


Iloilo Office: 2nd Floor, Iloilo Gateway Hotel National Highway, Mali-ao Pavia, Iloilo 5001
