Information Security Manager, North Asia
职位信息
职位名称
Information Security Manager, North Asia
任职要求
• Experience of security compliance initiatives within an enterprise technology environment such as ISO 27001, NIST CSF, CSA, PCI DSS, Cyber Essentials • Experience operating in a matrixed organisation to meet requirements of diverse stakeholders. • Experience of acting as internal security consultant for project teams and business partners. • Track record of supporting information security in a diverse, fast-paced enterprise environment. • Knowledge of all domains within security covering people, process and technology • Understanding of security risk analysis techniques • Understanding of network architecture, protocols and principles (desirable) • Ability to explain technical complex concepts to non-technical audiences combined with excellent communication and organisational skills • Excellent written and verbal communication skills and able to be understood by both technical and non-technical personnel • Stakeholder management and interpersonal skills at both a technical and non-technical level • Diligent and thorough approach to problem solving • Comfortable with managing uncertainty, ambiguity, and change in order to make decisions and recommendations
岗位职责
• The purpose of this role is to manage information security for North Asia. • This role will be responsible for delivering information security initiatives across North Asia, ensuring controls and culture are maintained and for supporting business security requirements, leveraging global and regional capabilities. • You will be responsible for building positive stakeholder relationships in the across North Asia, including partnering with tech, business and global functions teams to deliver security initiatives. • You will communicate and support adherence of the Information Security policy and standards framework. You will work with global centre of excellence teams to ensure policy, standards and projects have local context • The ISM will manage information security projects and coordinate resources with regional Technology and business stakeholder staff and external groups. Performs periodic security risk assessments of region markets and brands. • Successfully utilises support processes and structures sufficient to ensure the business’ information security risk profile meets corporate goals and is maintained/improved over time • Ensures teams are successfully assessing the scope and impact of incidents and responding with a sense of urgency that matches the incident, following appropriate policies and procedures. Perform "root cause” analysis for major incidents to identify and remediate information security issues. • Manages and supports requests relating to client security, e.g. RFPs, client audits etc • Assists stakeholders with BCP/DR test planning, execution, training and maintenance projects • Supports Internal Audit to manage regional audits to include remediation of findings. • Supports supplier security processes where onsite supplier reviews are needed
福利待遇
带薪年假、加班补助、年终奖、定期体检、补充医疗保险、五险一金、带薪年假、加班补助、年终奖、定期体检、补充医疗保险、五险一金