Job Description

Preferred Working Location: within Asia Pacific

Scope of Role

• Derive, plan and communicate the Regional information security strategy based on the DHL Global Forwarding/Freight (DGFF) Divisional Information Security strategy, and have it implemented by the Regional and local Information Security Team.
• Implement the DPDHL policies, processes, standards and compliance models required to meet legal and regulatory requirements, protect the DGFF customer data and protect the brand and reputation of DGFF and DHL.
• Lead a team that applies standards and policies relevant to the current threat landscape.
• Provide strong leadership to develop and support the local Information Security and Service Management Teams in the implementation of the Information Security Strategy.
• Apply effective information security solutions by finding the right balance between risk protections and providing benefits for the company.
• Apply information risk processes to further strengthen the risk management in DGFF, implement IT Risk guidelines and tools to support DGFF BU-IT. Understand and explain security architectures for solution providers to implement.
• Apply IT Service Continuity Management framework to support the operations of IT in accord with the requirements and needs from Business.
• Preparation, execution and follow-up of internal and external audits conducted in DGF Asia Pacific with accountable product and topic owners
• Manage Information Security related incidents in DGF Asia Pacific.
• Provide awareness and consultancy on Information Security related topics to the DGF Asia Pacific.
• Monitoring and report compliance to DPDHL Information Security related Standards and Information Security related legislations in DGF Asia Pacific.

• Creation and communication of the regional Information Security vision and strategic direction based on the the divisional Information Security Strategy.
• Provide active leadership through subject matter expertise and consultancy on Information Security across the Region.
• Be an ambassador of Information Security for the Region to external parties, suppliers, customers and across the industry as a whole.
• Provide a framework and roadmap to execute the strategy and drive a secure culture across the regional IT organisation
• Lead and coordinate the development of regional IT security strategy with the process, data, application and technology leads in the relevant business and IT communities.
• Develop a roadmap, in conjunction with the relevant IT systems owners, for bringing existing IT systems in line with the IT security standards.
• Apply and integrate IT security governance processes and procedures within the other relevant IT functions.
• Educate both regional business and IT communities on the importance of IT security.
• Coordinate regional IT security communications to regional management and staff ensuring appropriate visibility to existing and new risks and appropriate mitigation actions and plans.
• Provide thought leadership to IT security personnel within the various IT functional groups ensuring appropriate consistency and focus is being applied.
• Where requested, work with business and customer facing IT teams to present regional Division IT Security strategy to existing and / or new major customer accounts.
• Apply processes for the effective management of IT risk within the Division.
• Apply an effective and up-to-date framework for IT Service Continuity Management.
• Support DGFF Data Protection Officer and country Data Protection Official in DGF Asia Pacific with assessment and Implementation of Information Security related Data Protection controls.

• Project management skills
• Strong written and communications skills
• Sound Interpersonal communications
• Sound analytic and reasoning skills
• Broad IT service / technical understanding
• Understanding the concepts of continuity management
• Cultural Awareness
• Strong diplomacy and negotiating skills
• Deep knowledge of all aspects of information security
• Ability to communicate and influence stakeholders and region/countries to deliver the strategy
• Sufficient SM knowledge and capability to support the execution of the vision/strategy
• Capability to undertake deployment (including budget)
• Abstract and strategic thinking
• Aligning information Security procedures and links to other process areas outside direct control

• Bachelor Degree or equivalent experience/qualification
• Formal Information Security accreditation
• 5 years working experience in an IT role (Project Manager, Application development, IT security, Service Management)
• 2 years minimum in Information Security or related role
• 1 year minimum working within multi-national/multi-cultural organization.