Job Description

Responsibilities

Interface with business stakeholders to understand and advocate for business needs with the broader security organization and promote and deliver services in the security and privacy services catalog. Solicit, surface, track, and resolve business feedback on security and privacy services and capabilities to enable continuous improvement Promote and facilitate security and privacy projects and initiatives with business departments. Conduct security risk assessments of business processes, projects, business units, systems, and data. Prepare risk assessment reports to inform risk treatment decisions. Track and monitor remediation and risk management activities. Support security and privacy awareness & training initiatives in Asia Pacific region Implement and champion risk management processes and concepts. Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program. Support integration and maturation of policy, compliance, and risk frameworks.

Qualifications and Experience

A minimum of 5 years of experience in information security risk management, stakeholder and project management Bachelor's degree or higher in the field of information security, engineering or related technology field of study Strong knowledge of security and data privacy standards and regulations, such as ISO 27k, PDPA, NIST 800-171, PCI DSS, GDPR, LGPD Exceptional written and verbal communication skills, with the ability to articulate complex and technical issues to all levels of personnel Customer-first, detail oriented, results driven, and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly Experience engaging stakeholders and managing projects, preferably with international experience in an e-commerce or technology related industry Strong analytical and problem-solving skills Certifications, such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, PMP are desirable * High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturit