Sr Manager, Information Security and Compliance | Manila

Tarro

Manila Onsite
Competitive
Full-time

Job Description

Sr. Manager, Information Security & Compliance - Protect the Recipe for Success!

At Tarro, we're not just building software; we're empowering local restaurants to thrive! We're passionate about providing a seamless connection between these businesses and their customers, freeing them to focus on what they do best: creating amazing experiences and delicious food. Join us in securing the future of mom-and-pop restaurants!

Think you have what it takes to defend our growing ecosystem? We are seeking a highly motivated and experienced Sr. Manager of Information Security and Compliance to lead our organization's information security strategy and operations. You'll be a critical player in ensuring our platform remains secure and compliant, protecting both our restaurant partners and their customers.

What You'll Be Doing:
Architect & Execute: Develop and implement a comprehensive information security strategy aligned with business objectives, regulatory requirements, and risk profiles.
Compliance Champion: Ensure ongoing compliance with critical data privacy regulations, including PCI DSS, the Data Privacy Acts (DPAs) of the Philippines and Malaysia, CCPA, and emerging standards.
Fortify the Fortress: Lead the design, implementation, and maintenance of secure cloud-based and on-premise infrastructure spanning our product and corporate environments.
Collaborate & Influence: Partner with internal stakeholders across various departments to promote security awareness and alignment.
Build & Mentor: Grow and manage a talented team of information security professionals, fostering a culture of security excellence.
Incident Response Hero: Participate in production support and data breach incidents and drills, ensuring rapid and effective response.
Threat Intelligence Pro: Stay ahead of the curve by monitoring emerging security threats, vulnerabilities, and technologies, proactively adapting security measures.

Your Mission in Year One:
PCI DSS Level I Ready: Achieve readiness for our PCI DSS Level I audit.
Global Privacy Compliance: Ensure full compliance with CCPA and the Data Privacy Acts of the Philippines and Malaysia.
Granular Access Control: Implement robust role-based access control across our systems.
Secure Workstation Management: Deploy a scalable solution for workstation management and BYOD.

What You'll Bring to the Table:
Experience: 8-10 years of IT experience with 5+ years in a leadership role.
Expertise: Proven experience implementing and managing:
Information security management frameworks (PCI DSS, ISO 27001, SOC 2, etc.)
Data privacy frameworks (GDPR, CCPA, etc.)
Identity management systems and role-based access control
Workstation and BYOD management applications
Security best practices for hybrid (cloud + on-premise) product and corporate infrastructure

Leadership Style: A passion for being a hands-on contributor, influencer, and leader.
Organizational Skills: Strong prioritization and project management skills.
Problem-Solving: Resourcefulness and comfort working independently in ambiguous situations.
Availability: Willing to work in-office 5 days a week, starting at 3am PHT Tuesday-Saturday to align with US hours.

Bonus Points:
Experience with green-field security framework implementations at startups or small-to-midsize companies.
Proficiency with scripting and APIs.
A practical, business-oriented approach to security practices.
A willingness to take on additional responsibilities as we grow.

Even if you don't meet 100% of the qualifications, we encourage you to apply! We value diverse backgrounds and experiences.

Tarro is an equal opportunity employer committed to building a diverse and inclusive workforce. We welcome talent from all backgrounds, including but not limited to race, sexual orientation, gender identity, age, nationality, religion, veteran status, political affiliation, and disability.