Position title
IT Risk Specialist / Officer

Overall Purpose: Responsible for providing assistance or participating in the identification, measurement, monitoring and controlling of Information Technology Risks/Technology Risks covering IT and OT environments at the level of FPH Group specially cyber security per business function/service on a periodic basis.

IT Risk Management aims to identify current and prospective technology risk exposures arising from the organization’s IT and OT environments by determining which IT and OT resources may cause loss of information confidentiality, integrity and availability to ensure that these are properly managed.


1. Participates in implementing Technology/IT Risk Management Framework and Plan across the FPH Group covering IT and OT environment.
2. Participates in developing and implementing the technology/IT risk policies and procedures of the various FPH Group.
3. Participates in performing independent Technology/IT Risk Assessments and Risk Management Process.
4. Collects and validates data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders for their decision-making process.
5. Participates in preparing Technology/IT Risk Management and/or DPA Reports and Materials for FHP Group to ManCom, ExeCom and BOD on relevant internal Technology/IT risks, related activities and new government\regulatory regulations on Technology/IT Risk.
6. Participates in evaluating the effectiveness of the existing Technology/IT Risk Management processes, in identifying improvement needs and in recommending improvement measures.
7. Participates in developing, reviewing, implementing, monitoring and overseeing the Information Security Management System (ISMS) including Cybersecurity standards, policies and procedures of FPH and FirstGen.
8. Participates in managing the conduct of Technology Risk, Information Security and DPA awareness/orientation program.
9. Acts as the DPO of FirstGen for further compliance to Data Privacy Act (DPA) and applicable laws and issuances of National Privacy Commission (NPC).
10. Coordinates and reports the Group DPO and FPH DPO in ensuring FirstGen compliance to Data Privacy Act (DPA) of 2012 and data privacy implementing rules and regulations.
11. Assists the Group DPO in managing the DPO Council in meeting its objectives.


Minimum education requirement: Bachelor’s Degree in Management, Engineering, Information Technology, Information Systems or equivalent or related course.

Ideal education requirement: Bachelor’s Degree in Information Technology, Information Systems Management, Computer Engineering, Computer Science Engineering or Electronics and communication engineering

Minimum experience: One (1) year minimum experience in any of this field – Technology\System Risk Management, Information Security or Information Technology Audit or Information Technology.

On-the-job-training: Six (6) months

Others: Report writing and presentation skills are required. Must be able to manage and communicate technical data to a non-technical audience.

Employment Type
Beginning of employment
As soon as possible
Duration of employment
Long-term employment
Power Producer
Job Location
Ortigas, National Capital Region, Philippines
Date posted
June 2, 2020
Valid through
June 30, 2020
PDF Export
Close modal window

Position: IT Risk Specialist / Officer

Thank you for submitting your application. We will contact you shortly!