Chief Information Security Officer - Financial Firm (10-12 yrs)

This role will be responsible for coordinating with Group CISO & the Asia Pacific Region (APR) Risk Management team in adapting central directives, controlling its implementation on cybersecurity governance, conducting analysis and organize committees within APR.

In addition, this rle is directly report to the Regional Head of Risk Management, Asia Pacific Region (APR).

Responsibilities :

1. Adapts the provided set of Group documents to improve the cyber resilience locally Organizes quarterly regional ISS Committee Cascades risk mapping to local level

2. Supports the assessment of security of local TP and ensure the follow-up of local remediation actions

3. Advise on local / regional IT and Cyber Projects arbitrations and implementation follow-up

4. Enhance the cyber risk governance facilitating compliance with DORA Regulation Supports Group on Cyber risk monitoring & controls

5. Conduct Cyber Risk assessment at regional level

6. Oversee the local cybersecurity regulations in Asia Pacific and conduct gap analysis and define the action plans to close the gap with the stakeholders

7. Other risk management activities and projects as and when required

Skill Sets :

1. Experience in developing and implementing security strategies and initiatives

2. In-depth knowledge of security principles, standards, and technologies, including but not limited to access control, network security, identity management, cyber incident management and ICT supplier management.

3. Demonstrates a deep understanding of information security principles, practices, and technologies.

4. Knowledge of risk management practices and cybersecurity regulatory requirements such as DORA and cyberescurity regulatory requirements in Asia Pacific

5. Strong communication and interpersonal skills, with the ability to collaborate with stakeholders at all levels of the organization.

Well organized and detail-oriented

Experience:

1. At least 10 years of experience in IT management / cybersecurity governance or related.

2. Previous exposures in financial institution is preferred

Educational Qualification:

1. A bachelor's degree in information technology, computer science, or a related field is required.

2. At least one of the following related certifications:

3. Certified Information Systems Security Professional (CISSP)

4. Certified Information Security Manager (CISM)

5. Certified Information Systems Auditor (CISA)