Senior Manager, Security Lead

Job Responsibilites

IT Security Strategy

• Execute comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
• Assist with the identification of non-IT managed IT services in use (“OT”/”Shadow IT”) and apply standard controls and rigor to these services
• Support establishing Management and Governance Framework of Information Security, applying it for all the group companies and review continuously
• Provide regular reporting on the status of the information security program to IT stakeholders as Security Liaison.
• Work with Risk Management Department to promote non-technical Information Security countermeasures (such as employee education, physical security, upgrading policy documents.etc.)
• Manage and contain information security incidents and events
• Manage security projects and provide expert guidance on security matters for other IT projects.
• Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
• Work with global & BU to develop budget projections based on short- and long-term goals and objectives.

Project Planning and Execution:

• Develop comprehensive project plans, including scope, objectives, deliverables, and timelines.
• Coordinate with stakeholders to ensure alignment with business goals.
• Monitor project progress, identify risks, and implement mitigation strategies.
• Oversee the execution of IT security projects

Key Projects:

• Operation Technology Security
• IT Security Governance & Compliance
• Annual IT security assessment

Budget and Cost Control:

• Create and manage project budgets, tracking expenses and cost variances.
• Optimize resource utilization to minimize costs.

Communication and Reporting:

• Facilitate communication among team members, stakeholders, and executives.
• Provide regular status updates, progress reports, and performance metrics.
• Address any issues promptly and transparently.

Technical Knowledge:

• Significant experience of managing external collaborations and achieving results.
• Knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
• Up-to-date knowledge of methodologies and IT security trends such as Firewall, Data Loss Protection, Operation Technology etc
• Experience in developing information security policies and procedures.

Job Requirements

• Bachelor’s degree in computer & information technology related field.
• More than 10 years’ experience in regional IT Infrastructure with 5 years’ experience as Information Security and Risk Management
• Solid understanding of industry best practices and IT trends shaping business communications
• Excellent IT skills and solid understanding of various IT platforms, applications, tools, and networks
• Project management skills
• Ability to work effectively and collaboratively in a group environment
• Excellent analytical/assessment, and leadership skills
• Excellent problem-solving and management skills
• Good reasoning abilities and decision-maker
• High degree of interpersonal skills, customer-oriented and strong negotiation skills