29 July 2020
We are looking for a Deputy Chief Information Security Officer (CISO), responsible for overseeing day-to-day IT security operations and to enhance, develop and implement the information security strategies and related policies within the organizations.
- Degree in Computer Science, Information Systems, Engineering;
- At least 8 years of work experience in Information Security operations, policies and procedures;
- Demonstrated working knowledge of technology processes, security policies, standards, controls, and risk measurements;
- Proven record in identification, investigation and resolution of potential IT security risks, controls and process gaps;
- Ability to work with cross-functional, multi-disciplined team to formulate, institute and monitor security policies and procedures;
- Excellent communication skills and emotional intelligence to influence key decisions, mediate conflicts and build consensus;
- Preempt any risks and mitigate any threats or problematic areas proactively;
- Strong personality and yet personable to build and enrich relationships within the organization;
- Excellent communication, presentation, planning and organization skill.
- CISSP, CISM and GSEC Certified.
- Responsible to design information security, protection and management framework, guidelines and best practices for the organization;
- Provide security governance, enforcing cyber security risk assessment and risk acceptance;
- Review, endorse, align and ensure information security compliance with proper risk management and migration plans;
- Involved in cyber security compliance and controls, self-assessment processes and documentation related tasks;
- Responsible to facilitate in the forum discussion to establish the information security goals and to develop appropriate cyber security risk assessment and risk acceptance;
- Work closely with the various cross-functional teams to establish, formulate, institute and monitor the security policies, standards and procedures in line with the organization’s cyber security directions;
- Lead implementation of enterprise security improvement programs;
- Provide advisory and technical consultancy on the appropriate cyber security solutions and technologies to be deployed;
- Engagement with industry and conduct technology scans on the latest information security products and technologies.