Job Description

Job Responsibilities:

• Provides leadership and oversight, by setting the direction and implementing the strategy, deliverables, and operating model of the CISO office.
• Partner with the Technology Security Team to ensure highest possible solutions and processes are in place.
• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program and a comprehensive enterprise information security management framework.
• Responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
• Responsible for the strategy formulation and oversight of the organisation's security framework encompassing standards affecting operations, applications, infrastructure, asset management, policies, and procedures.

Requirements:

• Degree in business administration or a technology-related field required
• Minimum 15 years of experience in IT, with 12 years of experience in a combination of risk management & information security
• Experience in Information Security in Banking and Financial services.
• Deep understanding of the security integration industry in Asia
• Professional security management certification, in one or more of the following -
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • SANS Global Information Assurance Certifications (GIAC)
  • Certified in Risk & Information Systems Control (CRISC)
  • Certified Information Systems Auditor (CISA)
• Knowledge of common information security management frameworks/models, such as ISO/IEC 27001, NIST, Zero Trust.
• Strong knowledge of cyber security frameworks, information security principles, architecture, and cryptography.
• Ability to articulate gross and residual risk with specific ability to clearly, concisely and accurately communicate complex technology and process risk.
• Strong interpersonal and stakeholder management skills, across various levels in the organisation including senior leadership teams.
• Hand-on experience on technology regulatory compliance, technology audit, data privacy laws and outsourcing management is an added advantage.
• Knowledge on IT infrastructure and APAC regulations.

Morgan McKinley Pte Ltd EA Licence No: 11C5502 Registration No: R1106192