My client, a global finance services company who provide asset-based financial solutions are currently recruiting for an Information / Cyber Security Officer to support their Asia Pac business. This is a newly created role and will be supported by the Global Information Security Officer who is based in Europe.
You will be responsible for defining and implementing the businesses Information / Cyber Security Program / Framework and support the organization in managing its Information / Cyber Security risks.
Your day to day responsibilities will include:
- Define, implement and improve the security policies, standards and procedures.
- Conduct security risk assessments
- Manage security risks including informing management on the security risk profile and the security compliance profile of relevant business units
- Advise management on necessary improvements and advise on control implementations
- Develop a training program for awareness within the organization and specialist training for targeted groups
- Establish metrics, reporting mechanisms and services, maturity models and a roadmap for continual security program improvements.
- Coordinate and serve as primary point of contact for significant information security incidents
- Keep abreast of information / cyber security trends and threats
- Support management and IT Teams to navigate and interpret local regulations around Cyber security and Data security.
To be successful in this role you will have:
- A strong background in application, network and operational security and have worked with sensitive data in high-risk environments.
- A deep awareness of the ins and outs of Cloud environments
- Know most web application vulnerabilities and attack vectors
- Be comfortable with complexity and will know how to build the right controls to manage and monitor complex systems in a safe a predictable way.
- Love security and be interested in crypto.
Essentials
- Relevant education / certification of Information Security Management (e.g. CISM, CISSP, CISA)
- Proven track record in Information Security, preferable completed with IT Risk Management, IT Audit and Operational Security experience
- Substantial knowledge of Information Security standards and regulations (ISO27001/2, ISF Standards of Good Practice, PCI DSS, FIPS, HIPAA)
- Strong communication, planning and organization skills
- Strong influence, negotiation and persuasion skills
- Quality driven and results oriented
- A strong team player
- Ability to travel is essential
If this sounds like the challenge you are after apply now, quoting reference 203003
