Close

[POSITION CLOSED] Regional Security Assurance Specialist (coverage: Asia Pacific)

About Our Client:

A large European multinational IT company, which is based in Cyberjaya, Malaysia. 

 

 

About the Role:

This is a unique opportunity within the Risk, Governance, and Security Assurance function covering Asia Pacific (APAC); for a governance, security risk and compliance management program, collectively called Security Assurance. The person while operating with high degree of autonomy and visibility, will ensure compliance/implementation of risk and assurance programs which would address key security risks and enable EITS APAC to address security, regulatory and compliance needs.


Ideal candidates for the position are innovative security compliance professionals with strong technical, business and program management experience, having led similar programs for other global companies. Candidates should be able to have strong knowledge, understanding and experience in security risk management, regulatory and compliance requirements as well as having excellent communication skills to be engaging and liaising with executive leadership, internal/external audit and key internal stakeholders.

 


Duties & Responsibilities

·     Ensure full compliance for Security Assurance to address APAC security governance, risk management and compliance needs, in partnership with peers from Information Security and Product Security

·      Have strong knowledge, understanding and experience in the information and product security governance structure, to ensure adequate knowledge of and support for information and product security programs

·      Implement a right-sized security risk management process that assesses risks and oversees mitigation through the appropriate application of risk-based controls

·    Develop strategy to meet various internal IT security compliance requirements and oversee related control design, implementation, evaluation/audit and remediation efforts, in partnership with relevant stakeholders (control and system owners, IT and security leadership, internal audit, external audit, etc.)

·       Design and implement relevant program metrics, and provide Security Assurance updates to stakeholders

·       Participate in Enterprise Risk Management process to advise on our security-related risks and related mitigation

·       Engage in Security Assurance knowledge-sharing within the organization

·       Develop the Security Assurance team to grow to its next level of maturity and scalability

 

 

Required Experiences:

·   At least 8 years of relevant experience in security governance, risk management and compliance programs in large scale, internet facing environments

·       Executive management experience, engaging with and reporting status to senior management teams

·       Experience with customer interactions, to explain security program status and performance

·       Experience enforcing and implementing IT and security control and compliance frameworks requirements relevant to cloud or technology companies

·       Experience leveraging risk management frameworks to assess and manage security risks at a variety of levels – enterprise, function, process, etc

·       Team leadership experience and a proven record of attracting, inspiring, growing and retaining top talent and driving high performance

·       Experience evaluating and implementing the tools necessary to support efficient and effective Security Assurance practices

·     Superior stakeholder management skills, and communication skills that can range from high-level discussions with executives and internal stakeholders to more in-depth discussions with internal control, system and process owners

·       Strong business acumen Bachelor’s degree in an information technology discipline. MS or MBA preferred.