Senior IT Security Manager (Group)

We are helping our client to look for an experienced Senior Security Manager. The Senior Security Manager serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. A key element of the role is working with executive management to determine acceptable levels of risk, establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.

Responsibilities

• Lead in the overall leadership on cybersecurity strategy, risk management and incident response;
• Provide leadership to the enterprise's information security organization;
• Partner with business stakeholders across the company to raise awareness of risk management concerns;
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems;
• Provide regular communication at executive/company level on the global cybersecurity scene.

• Establish and formalize Risk Management for Business and IT through risks assessment;
• Propose investments against risks exposure vs risks acceptance level vs impact to business and operations;
• Work directly with the business units to facilitate risk assessment and risk management processes;
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services;
• Ensure compliance to local and global regulatory on IT/Cyber Security for both shore and vessels;
• Owner to develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program that covers on-prem, cloud and vessels globally across the group of subsidiaries;
• Develop and enhance an information security management framework for the organization;
• Oversee the monitoring of SIEM/SOAR;
• Overall owner responsible for Incident Response on any cyber related attacks;
• Work with external vendor(s) and internal IT management for cyber related IT BCP.

• Member of the Technology Architecture Board to design and develop Security-first Software (API, Micro-services, Database/Stream) and Infrastructure (Cloud/On-Prem) architecture.
• Project Management
  To manage IT security related projects and work with respective stakeholders so as to enhance the company IT security.
• To manage timeline, budget and scope of work for IT security projects
• To manage stakeholders expectations and analyse the risk and impact of the company's operations when implementing new technologies
• Travel is required for this role.

Requirements

• Degree or Masters Degree in a technology and/or cybersecurity related field required;
• Professional security management certification (CRISC, CISSP, CISM, & CISA, Qualified Information Security Professional, Certified Ethical Hacker, etc);
• Excellent written and verbal communication skills and high level of personal integrity;
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams;
• Experience with contract and vendor negotiations and management including managed services;
• Specific experience in Agile (scaled) software development or other best in class development practices;
• Experience with security standards / processes in a Cloud computing/Elastic computing environment, especially Azure or AWS
• Minimum of eight to 12 years of experience in a combination of risk management, information security and IT jobs;
• Min. 5 years or more experience managing security for On-Prem Infrastructure;
• Min. 5 years or more experience designing and implementing security for Cloud operations (Azure IaaS, PaaS, SaaS, DevOps);
• Experienced cybersecurity framework (e.g. NIST, ISO 27001/27002, SOC2, GDPR, OWASP, etc);
• Experienced with BIMCO is a plus!
• Proficient with implementing and managing advanced security solutions (e.g. IDS/IPS ,EDR/XDR, SIEM, SOAR, SASE, SWG,..);
• Experienced with implementing various cybersecurity architecture, e.g. OSI, Zero Trust Architecture, etc across Cloud and onprem environments, including Azure / AWS;
• Min. 5 years or more in building and leading a high-performance team;
• Familiar and experienced with latest cloud-based infrastructure and cybersecurity technology solution;
• Experienced in dealing with senior business stakeholders;
• Experienced with leading teams and vendors from offices globally.

Others

• MNC and good corporate culture
• 5-day work week

We regret that only shortlisted candidates will be notified. Thank you for your understanding.