Information Security Manager (APAC)

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Eames Consulting

Information Security Manager (APAC)

We are seeking an experienced Information Security professional to lead the governance and enforcement of our Information Security (IS) policies and control frameworks. This role will serve as a key liaison between the security function, business units, and external stakeholders, ensuring alignment with regulatory requirements, industry standards, and internal risk management objectives.

The ideal candidate will have a strong background in information security governance, policy development, controls assurance, and risk assessment, with the ability to drive compliance initiatives across a complex, multi-disciplinary organization.

1. Develop, maintain, and enforce the organization's Information Security policies, standards, and control frameworks.
2. Establish governance processes to ensure consistent implementation of IS policies across business units.
3. Lead periodic reviews and updates of security policies in response to regulatory changes, industry standards (e.g., ISO 27001, NIST, COBIT), and evolving threats.
4. Manage and maintain the information security control framework, ensuring alignment with business objectives and risk appetite.
5. Collaborate with internal audit, risk management, and compliance teams to support audits and regulatory reviews.
6. Monitor compliance with IS policies and controls through assessments, metrics, and control testing.
7. Provide guidance and support for risk assessments and control gap analysis.
8. Oversee third-party security governance and ensure vendors comply with applicable security requirements.
9. Support security awareness and training initiatives related to policy compliance.
10. Prepare reports and metrics for senior leadership on the state of security governance and policy enforcement.
11. Participate in security incident reviews to ensure policy and control improvements are identified and implemented.

1. Bachelor's degree in Information Security, Computer Science, Information Systems, or a related field.
2. 5+ years of experience in Information Security, with a focus on governance, risk, compliance, or audit.
3. Strong understanding of regulatory requirements (e.g., GDPR, HIPAA, SOX) and security frameworks (e.g., ISO 27001, NIST CSF, CIS).
4. Experience in developing and maintaining IS policies, standards, and procedures.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Referrals increase your chances of interviewing at Eames Consulting by 2x

Sign in to set job alerts for “Information Security Manager” roles.