• Collaborate with business stakeholders to conduct comprehensive audits related to IT general controls, application controls, information security, and business functions.
• Address client and internal inquiries regarding compliance, privacy, and security matters, providing expert guidance and solutions.
• Maintain and enhance MRI's risk register by creating, updating, and assessing entries to ensure accurate documentation of potential risks and mitigation strategies.
• Ensure timely completion of corrective actions by diligently following up with internal and external parties.
• Manage the lifecycle of policies and security documentation, including drafting, updating, archiving, and circulating to relevant stakeholders.
• Prepare detailed minutes, collect and analyze data, and maintain action lists to support meetings, audits, and incident response efforts.
• Align MRI's overall security strategy with internal teams, industry best practices, and global legislation, including but not limited to SOC 1, SOC 2, ISO 27001, NIST, and other standards.
• Develop and oversee mitigation plans related to information security risks, audits, and policy findings, collaborating with relevant teams to ensure effective implementation.
• Conduct vendor security risk assessments and provide risk-based recommendations to help evaluate and improve the company's risk posture.
• Contribute to the development and delivery of engaging and informative enterprise-wide security awareness initiatives to foster a culture of security.
• Forge strong, collaborative partnerships with security, infrastructure, legal, audit, and IT teams to ensure a cohesive approach to compliance and risk management.
• Stay abreast of emerging trends, threats, and best practices in cybersecurity and compliance, proactively identifying opportunities for improvement and implementing necessary changes.
• Qualifications:
• Professional experience and familiarity with specifically ISO 27001, while ISO 9001, SOC 1, SOC 2, and other auditing standards are also plusses.
• Professional experience and familiarity with one or more: NIST, CIS, SANS, ISO, CES, FedRAMP, and other cybersecurity frameworks.
• Working knowledge of major international, national, and state level security and privacy regulations, practices, and standards.
• Solid technical background with an applied understanding of common types of security risks and mitigation strategies.
• Experience with vendor risk management and performing security risk reviews.
• Ability to work effectively with geographically distributed teams across different time zones.
• Excellent communication and interpersonal skills, with the ability to translate complex technical concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills, with a keen attention to detail and the ability to think critically.
• Proactive and self-motivated, with the ability to work independently and manage multiple priorities in a fast-paced environment.
• Relevant certifications such as CISA or CRISC are highly desirable.

Benefits

• Career growth opportunities in a diverse and supportive work environment.
• Competitive Salary Package
• Prime office location in Ortigas (Easy access to MRT stations, restaurants, and banks)
• Hybrid Working Arrangement (2 days WFH)
• HMO coverage with free dependent upon hire.
• Free 24/7 access to our office gyms (Ortigas and Makati)
• Total of 20 annual leaves to be used on your own discretion (including 5 credits convertible to cash)
• Plus, additional benefits

About Us

From the day we opened our doors, MRI Software has built flexible, game-changing real estate software that powers thriving communities and helps make the world a better place to live, work and play. Fulfilling that mission is only possible because of one thing: exceptional people. People like you!

Our people-first approach to PropTech is defining a new industry standard for client experiences that, quite frankly, can’t be duplicated. Experiences that deliver real value every day. And we know those experiences begin with our people.

We believe MRI is more than just a workplace; it’s a connected community of people who truly feel they belong. Whether we’re investing in employee resource groups or providing tailored resources for each person to reach their full potential, we’re passionate about creating a work environment that makes you excited to show up every single day.

At MRI, one of our core values is to strive to amaze. From the intelligent solutions we create to the culture we cultivate, that’s our goal every day. Because that’s what industry leaders do. Whether you’re joining as a new Pride member or rejoining us after a short time away, your talent is vital to us, our partners and our clients.

Amazing growth requires amazing employees. Are you up to the challenge?

We know confidence gap and imposter syndrome can get in the way of meeting remarkable candidates, so please don’t hesitate to apply. We’d love to hear from you!

MRI is proud to be an inclusive employer. We welcome and celebrate diversity across all backgrounds, including ethnicity, religion, sexual orientation, gender identity, disability, age, military, veteran status and more.

We believe that Belonging is a direct result of Diversity, Equity, and Inclusion. Those values are woven into the fabric of who we are and are foundational to our continued success. Come and see for yourself!