Concentrix

Manager,Governance,RiskandCompliance

Cebu City, Philippines FULL TIME

The Brief

“Manager, Governance, Risk and Compliance at Concentrix. Skills: Governance, Risk and Compliance (GRC), information security risk management, client assurance, audits, assessments, remediation programmes, risk management, governance, executive reporting, client security audits, client assessments, client due diligence, remediation tracking, audit readiness, control failures, emerging risks, compliance gaps, security incidents, root cause analysis, people leadership, stakeholder engagement. Lead i”

Industry & Context.

Problems you'll solve

root cause analysis

What They're Looking For.

Must Have

8–10 years of experience in information security, governance, risk, compliance, audit, or client assurance., Demonstrated experience leading audits, security assessments, and remediation programmes., knowledge of common security and compliance frameworks (e. g. , ISO/IEC 27001, NIST, SOC 2, PCI DSS)., Proven ability to communicate complex risk topics to executive and non‑technical audiences., Experience managing competing priorities across multiple clients, regions, or regulatory environments., Prior people‑management or team‑leadership experience.

Nice to Have

Bachelor’s degree in Information Security, Risk Management, Business, or a related field (or equivalent experience)., Professional certifications such as CISSP, CISM, CISA, CRISC, HCISPP, or IAPP credentials., Experience with GRC tools, audit platforms, or evidence management systems.

What You'll Do.

Lead information security risk management and client assurance activities across multiple client accounts and regions.

and remediation programmes.

Manage and develop a team of GRC Specialists.

Serve as a trusted advisor to internal leaders and client stakeholders.

and client security requirements are met through governance

proactive risk management

and clear executive reporting.

Provide leadership oversight of information security and compliance risk assessments across client programmes and internal functions.

Govern core GRC artefacts

including risk registers

and risk acceptances.

and client security requirements into scalable

auditable control expectations.

Advise senior stakeholders on risk prioritization

and risk‑business trade‑offs.

Complete all assigned

mandatory training within the timeframe provided.

Conduct and/or participate in regularly scheduled 1: 1 meetings with direct manager and/or direct reports.

Act as the senior escalation point for client security audits

and due diligence activities.

Oversee end‑to‑end delivery of client assurance engagements

and on‑time completion.

Review and approve complex or high‑risk client assurance responses and evidence submissions.

Ensure effective governance of client‑driven findings through remediation tracking and executive escalation.

Lead responses to internal and external audits

maintaining audit readiness and consistent narratives.

Establish and oversee proactive monitoring to identify control failures

Provide leadership oversight for security incidents and investigations

ensuring effective root cause analysis and remediation.

Drive systemic improvements to controls

and governance models to prevent recurring issues.

and develop a team of GRC Specialists through performance management

and capability building.

executive‑level risk reporting on posture

and remediation status.

Partner with Client Security leadership

and other stakeholders to ensure aligned priorities and timely execution.

How You'll Work.

Team & Collaboration

Partner with Client Security leadership, IT, Operations, Privacy, Legal, and other stakeholders to ensure aligned priorities and timely execution.

Communication Scope

Proven ability to communicate complex risk topics to executive and non‑technical audiences.; Produce clear, executive‑level risk reporting on posture, trends, and remediation status.

Process & Methodology

remediation programmes, client assurance engagements, remediation tracking

Free ATS check

Applying for this Manager, Governance, Risk and Compliance role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

Skill Signal 49 detected

Core

client assurance ×6

remediation programmes ×6

risk management ×6

governance ×6

client security audits ×6

client assessments ×6

client due diligence ×6

security incidents ×6

root cause analysis ×6

information security ×4

Required

Governance, Risk and Compliance (GRC) ×2

information security risk management ×2

audits ×2

assessments ×2

executive reporting ×2

remediation tracking ×2

audit readiness ×2

control failures ×2

emerging risks ×2

compliance gaps ×2

Nice to have

ISO/IEC 27001

NIST

SOC 2

PCI DSS

GRC tools

audit platforms

evidence management systems

Behavioural

coaching

mentoring

communication

Role Details

Seniority

manager

Type

FULL TIME

Experience

8–10 yrs

AI-Extracted Insights

Domain Areas

information-security

governance

risk

compliance

client-assurance

security-frameworks-iso-iec-27001

nist

soc-2

Certifications

CISSP

CISM

CISA

CRISC

HCISPP

IAPP credentials

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Concentrix?

Real rants from real employees. Read before you apply.

Read Company Rants →