Security and Risk Officer

As a world leader in gases, technologies and services for Industry and Health, Air Liquide is present in 60 countries with approximately 66,500 employees and serves more than 4 million customers and patients. Oxygen, nitrogen and hydrogen have been at the core of the company’s activities since its creation in 1902. Air Liquide’s ambition is to be the leader in its industry, delivering long-term performance and acting responsibly.

1. Ensure compliance with Group Information Protection Policies and coordinate the Digital Security/Information Protection Program within APAC. This includes addressing digital risks, managing incident readiness and reporting, and providing proper awareness and training for management and employees.
2. Set out and implement security measures and procedures across all relevant sections. This role involves ensuring the proper application of these measures and maintaining constant dialogue with local management and staying informed about the geopolitical situation to propose necessary accompanying measures.
3. Drive the Risk Management Process in the APAC region in close cooperation with Clusters, including the responsibility to update the yearly APAC risk mapping for management review and approval.

• Guarantee adherence to Group Information Protection Policies, and coordinate action plans to address any identified non-compliance.
• Engage and assist business owners in identifying digital assets and sensitive data, defining their protection requirements, and continuously monitoring for serious incidents affecting them.
• Ensure a formal Risk Assessment is performed for all new IT projects or major IT changes using the Group's established methodology.
• Address digital security incidents with business owners, elevate issues to senior management based on impact levels, and systematically report, monitor, and capitalize on the treatment of serious information protection incidents.
• Raise digital risk awareness through regular campaigns for both managers and end-users.
• Ensure the distribution and presentation of the Air Liquide Group's 'User's code of practice for information protection' and the 'Specific rules for IT administrator' to relevant employees and external suppliers.
• Develop an annual action plan based on a thorough risk analysis of all entities and sites, aligning with priorities set by the Security Division, and communicate this plan to all entities under purview.
• Participate in the management of major crises within the geographical or activity area, focusing on collecting feedback, implementing necessary updates, and taking corrective action.
• Design strategies, programs, and training tools for risk analysis and continuous updates to entity security managers regarding security policy, based on local needs and conditions.
• Drive the Risk Management Process within the APAC region by ensuring entities deliver their Risk Mapping, assessment letter, and risk action plan, and update the overall APAC risk mapping for approval by Hub Management.

• Comprehensive knowledge of the Air Liquide's structure and its operational processes.
• A good working knowledge of the various businesses and overall organization is a definite advantage.
• A strong general IT culture and a deep understanding of the stakes associated with Information Systems.
• A keen interest in and appreciation for complex Geopolitical and Security issues.
• An established risk management culture, including proficiency in relevant tools and methodologies.

We thank you for your interest in Air Liquide. Interested applicants are encouraged to send in a detailed resume, including reasons for leaving for past employment. Please be informed that only shortlisted candidates would be notified.