Assistant Vice President/Vice President - Regional Information Security

Assistant Vice President/Vice President - Regional Information Security

Responsibilities:

- Support monitoring the effectiveness of the Global Information Security program across assigned area by undertaking RISO governance, oversight, assurance and support activities.

- Establish and leader RISO governance meetings covering assigned remits, ensuring CBSI functional areas understand and support GIS/RISO requirements, risk remediations, and key program activities.

- Support & manage monitoring of key RISO and GIS information security metrics, performance indicators to ensure cyber risk governance and resilience of assigned business units Cyber risk profile and security program.

- Govern and support oversight and management of Third-Party Information Risk Management (TPIRM) assurance and program activities for CBSI.

- Identify, manage, and monitor information security risks arising from projects, regulations, emerging threats and business activities impacting CBSI.

- Support local regulatory related inquiries and requests as the local leader for Cyber & Information Security ensuring regional and global stakeholder engagement and alignment.

- Oversee, monitor, and support appropriate corrective actions by Technology functions to secure identified network and application vulnerabilities relevant to CBSI.

- Review and influence the appropriateness of technology mitigation plans for Security assurance activities including penetration tests and vulnerability assessments and Red Teaming on relevant CBSI information systems and infrastructure.

- Manage and support RISO response to any information security incident in collaboration with key stakeholders for assigned geographic portfolio.

- Support RISO related Information security assessment & assurance activities in relation to assigned portfolio, aligning to Information Security best practice and policies, standards, controls, and procedures.

- Support global, regional and or local BU Program activities that impact CBSI employees, such as Security Training/Awareness and Data Protection.

- Collaborate and partner with country and regional Business, Data Protection & Privacy, Compliance and Legal, as well as the 2nd Line Risk in relation to Information & Cyber Security matters.

- Support RISO Technical Security and Cyber Risk & Assurance teams' identification and governance of security issue management, and policy exceptions.

- Support and coordinate information security related audits, regulatory reviews and requests, and partner interest in relation to the information security program, controls, and processes.

- Maintain current knowledge on Cyber security threats, emerging trends, and industry practice.