We are seeking a Head of Cybersecurity Policy and Governance to lead and drive the cybersecurity coverage and defense for the organization.
He/She needs to work with internal teams to obtain an in-depth understanding of cybersecurity requirements in order to put in place the policies, procedures, and plans.
- Degree in Computer Science, Information Systems, Engineering;
- Over 15 years of working experience in designing and implementation of security, policies and procedures, protection and management framework;
- Experience in the development and implementation of solutions for protecting information systems and assets with focus on implementation and continuous monitoring of IT Security controls;
- Knowledge on security control requirements, technology processes, security policies, standards, controls, and risk measurements; and best practices;
- Good communications and emotional intelligence, with the ability to build effective, productive working relationships with both business program and technical managersâ€‹;
- Assertive and yet personable to build and enrich relationships within the organization;
- Excellent communication, presentation, planning and organization skill.
- Security certifications like CISM, CISA, CISSP.
- Responsible to lead and design the cybersecurity protection, management framework, strategies, governance, guidelines and best practices for the organization;
- Work closely with the various cross-functional teams to establish, formulate, and monitor the security policies, standards and procedures in line with the organization\’s cybersecurity directions;
- Responsible to facilitate in the forum discussion to establish the cybersecurity goals and to develop appropriate cybersecurity risk assessment and risk acceptance;
- Analyse to validate established security requirements and to recommend additional security requirements to ensure systems comply with applicable cybersecurity requirements and security controls;
- This includes security risk assessments, control framework and security design of the projects against Information & Communication Technology (ICT) security policies and standards;
- Write, develop, edit and manages Cybersecurity Policy Framework publication schedules for internal releases to various audiences with appropriately written content; ·
- Lead in the implementation of enterprise cybersecurity improvement programs;
- Support the management of security leads in different organizations;
- Review, endorse, align and ensure cybersecurity compliance with proper risk management and migration plans;
- Provide advisory and technical consultancy on the appropriate cybersecurity solutions and technologies to be deployed;
- Engagement with industry and conduct technology scans on the latest information security products and technologies.