THE JOB:
The Client Security Lead (CSL) role is a great way to make a difference. You will be responsible for understanding client requirements, balancing security implementation with business priorities, and advocating for the security of our client’s assets and data. You will do this by reviewing security documents/questionnaires and ensuring our organization is meeting, or exceeding, their security requirements. If you are detail-oriented, enjoy working with clients, and understand the balance between implementing a secure solution and ensuring operational efficiency and effectiveness, then you have found the role for you! You will have an Information Security and Compliance Team supporting you to help implement and adhere to the client’s security needs.
Shift: 9:30PM-7AM Mon-Fri; Hybrid setup with at least 2 days onsite weekly
Main Duties and Responsibilities:
- Client Security Advocacy
  - Act as the primary point of contact for clients regarding their security needs, ensuring a thorough understanding of their security concerns and requirements.
  - Review client contracts and ensure the organization’s compliance with those documents.
  - Answer security questionnaires from existing and potential clients.
- Security Solutions Implementation
  - Work with internal teams to design and implement secure solutions that align with both client needs and organizational capabilities while ensuring operational efficiency.
  - Document the security workflow, system changes and protocols.
  - Design and plan internal audits.
  - Provide training and education programs on information security and data privacy best practices.
- Risk Management
  - Assess, identify, and mitigate security risks for clients, providing proactive solutions to minimize vulnerabilities.
  - Communicate risks, analyze gaps, and report any violations of internal policies or guidelines and of relevant laws and regulations.
  - Conduct risk and impact assessments to evaluate potential security risks that could affect operations, from external threats (e.g., cyber-attacks, data breaches) to internal vulnerabilities (e.g., weak access controls, poor configuration management).
  - Manage data breaches and lead incident response plans.
- Compliance Management
  - Facilitate external attestations and certifications.
  - Oversee compliance with the Philippine Data Privacy Act, EU GDPR, HIPAA/HITECH regulations, and other regulatory requirements applicable to the business and services.
  - Maintain a database of accredited vendors/suppliers based on compliance protocols.
  - Review and update privacy policies and terms of service to ensure compliance with internal and external requirements, and operational processes.
Qualifications (Skills and Experience):
- Excellent communication and interpersonal skills, with the ability to explain complex security concepts to clients in a clear and concise manner.
- Experience in client-facing roles with a strong understanding of security best practices and operational efficiency.
- Strong knowledge of cybersecurity principles, risk management, and security/compliance frameworks (e.g., GDPR, HIPAA, ISO 27001, PCI-DSS).
- Experience with security tools and technologies (e.g., firewalls, encryption, threat detection systems).
- Project management experience is a plus, as this role requires working across multiple teams and managing client expectations.
- Familiarity with reviewing contracts and security-related agreements, with the ability to identify key security provisions, compliance requirements, and potential risks related to client data and services.
Find out more about Civicom Pacific at www.civi.com and our Feathers Project at www.feathersproject.org.