Chief Information Security Officer - BFSI

Job Description

Description:

Role:

- This role will be responsible for coordinating with Group CISO & the Asia Pacific Region (APR) Risk Management team in adapting central directives, controlling its implementation on cybersecurity governance, conducting analysis and organize committees within APR.

- In addition, this rle is directly report to the Regional Head of Risk Management, Asia Pacific Region (APR).

Responsibilities:

- Adapts the provided set of Group documents to improve the cyber resilience locally

- Organizes quarterly regional ISS Committee

- Cascades risk mapping to local level

- Supports the assessment of security of local TP and ensure the follow-up of local remediation actions

- Advise on local / regional IT and Cyber Projects arbitrations and implementation follow-up

- Enhance the cyber risk governance facilitating compliance with DORA Regulation

- Supports Group on Cyber risk monitoring & controls

- Conduct Cyber Risk assessment at regional level

- Oversee the local cybersecurity regulations in Asia Pacific and conduct gap analysis and define the action plans to close the gap with the stakeholders

- Other risk management activities and projects as and when required

Skill Sets:

- Experience in developing and implementing security strategies and initiatives

- In-depth knowledge of security principles, standards, and technologies, including but not limited to access control, network security, identity management, cyber incident management and ICT supplier management.

- Demonstrates a deep understanding of information security principles, practices, and technologies.

- Knowledge of risk management practices and cybersecurity regulatory requirements such as DORA and cyberescurity regulatory requirements in Asia Pacific

- Strong communication and interpersonal skills, with the ability to collaborate with stakeholders at all levels of the organization.

- Well organized and detail-oriented

- Good team player, able to establish and maintain effective working relationships with internal stakeholders

- Able to work independently and demonstrating strong self-motivation

Experience:

- Previous exposure to Europe Market is preferred

- At least 10 years of experience in IT management / cybersecurity governance or related.

- Previous exposures in financial institution is preferred

Educational Qualification:

- A bachelor's degree in information technology, computer science, or a related field is required.

- At least one of the following related certifications:

- Certified Information Systems Security Professional (CISSP)

- Certified Information Security Manager (CISM)

- Certified Information Systems Auditor (CISA)