Manager, Information Security

Manager, Information Security page is loaded

Apply locations ASIA > MYS > Kuala Lumpur > KL Office time type Full time posted on Posted 30+ Days Ago job requisition id R-20250221-0002

The Cyber Security Manager will support VF’s Global Cyber Security Team by ensuring that information security risks associated with complex business operations are within acceptable tolerances.

You will perform information security risk assessments, provide direction and guidance to stakeholders concerning the handling of security risks associated with assessment findings, assist with the design of appropriate risk mitigation strategies, and serve as an audit quality assurance gate for internal and external auditors while driving compliance and audit work related to data privacy.

How You Will Make a Difference

You will achieve this by:

• Collaborating with information technology and other business units to identify cybersecurity risks associated with current and planned projects.
• Performing assessments of external party information security controls to ensure they meet or exceed VF’s information security risk management requirements for the services to be provided.
• Determining information security risk profiles for various vendor and business partner services using questionnaires, relevant industry best practices and standards, and knowledge of VF policies.
• Recommending solutions to eliminate, reduce, or mitigate cybersecurity risk, and communicate said solutions to external parties and/or internal business stakeholders as appropriate.
• Providing direction and guidance as needed to internal project stakeholders concerning statutory, regulatory, and VF policy requirements.
• Reporting status of engagements to Global Cyber Security management, project managers, and other business stakeholders as appropriate.
• Assisting in enforcing information security policies, standards, and procedures. Review requests for exceptions to security policies and provide recommendations to management.
• Serving as a focal point for MLPS and provide advisory around MLPS and other APAC data privacy laws related controls and processes.
• Acting as focal point for Regional PCI-DSS assessments, vulnerability assessments and other security operations.
• Researching and advocate new technologies, architectures, and products that will support security requirements for the enterprise and its customers, business partners, and vendors.
• Performing other information security risk management tasks as assigned.

Skills for Success

Aformal education and subsequent University Bachelor or Master’s degree in information systems, computer science, or related field are preferred, but we are mostinterested in your total experience and professional achievements. That’s why:

• You rely on 5+ years of information security risk management, IT audit, and/or IT controls design and implementation experience.
• You possess a Certified Information Systems Security Professional (CISSP) certification, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar credentials.
• You are familiar with industry best practises related to security and data privacy in Cloud environments.
• You have functional understanding of industry frameworks, regulations, legislation, and audit methodologies, including SOC 1, SOC 2, ISO 27001, SIG, NIST Cybersecurity Framework, Sarbanes-Oxley (SOX), PCI-DSS, MLPS and various other privacy laws.
• You are apt to broker complex discussions to achieve the proper balance between business needs and cybersecurity best practices.
• You possess the ability to influence others through persuasion to arrive at desired outcomes.
• You communicate effectively with a broad range of people and roles, including vendors, information technology professionals, and other business personnel.
• You desire to seize the initiative, operate proactively, and work in a highly independent manner.
• You are fluent in English and Mandarin, any other Asian languages are a plus.

R-20250221-0002

VF Corporation outfits consumers around the world with its diverse portfolio of iconic lifestyle brands, including Vans, The North Face, Timberland, and Dickies. Founded in 1899, VF is one of the world's largest apparel, footwear and accessories companies with socially and environmentally responsible operations spanning numerous geographies, product categories and distribution channels. VF is committed to delivering innovative products to consumers and creating long-term value for its customers and shareholders.

VF Vision Statement
VF is committed to creating an inclusive environment that welcomes and values the differences among all of our associates, customers, suppliers and the communities in which we live and conduct business. The continued success and growth of VF is enhanced through initiatives that promote inclusion throughout VF around the world.VF is an equal opportunity employer. VF provides equal employment and advancement opportunities to all qualified individuals. VF bases employment decisions on skills, qualifications, and abilities. To learn more, read our Equal Opportunity Employment Policy here .

VF is committed to meeting the diverse needs of people with disabilities in a timely manner that is consistent with the principles of independence, dignity, integration and equality of opportunity, and will do so by striving to identify, prevent and remove barriers to accessibility wherever possible as well as by meeting the accessibility requirements under the ADA, AODA, and other applicable state, local or provincial regulations.

VF is committed to digital accessibility, and to conforming to the Web Content Accessibility Guidelines (WCAG) 2.1, Level AA and complying with the ADA and AODA Standards for Accessible Design, and other applicable regulations.

If you need an accommodation or have any questions regarding this statement, please send your request to PeopleServices@vfc.com .