|Corporate Title: Flexible||Salary Range: Generous Package|
|Location: Singapore||Date Open: 5/29/2019|
Date added: 29 March 2019
Job Ref No: 32096CFK
Purpose of role:
· To act as the regional lead in all matters relating to Information Security and Data Privacy, working closely with regional and in country teams, as well as head office based colleagues in Security, Privacy & Resilience.
· To ensure that the APAC business proactively manages information security and data privacy risks in line with risk appetite, and operates in a way that complies with the requirements of the relevant regulations and legislation.
Duties and responsibilities:
· To provide guidance, expertise and support to regional businesses and teams in the matters of Information Security and Data Privacy, for activity relating to project, regulatory liaison or assessment, client reporting as well as supporting ongoing business operations.
· To review, assess and interpret in country regulations and legislation in relation to Information / Cyber Security and Data Privacy, as well as wider IT Governance / IT Risk. Work with IT and business teams to identify any potential gaps and recommend actions as appropriate.
· Maintain an overview of the region’s, and in countries’ risk and compliance position in relation to Information Security and Data Privacy, and report regularly on plans, key risks and issues.
· For new initiatives, projects, or material business / IT changes support the preparation of security risk assessments and data privacy impact assessments, working with colleagues to identify actions plans and remediation activity where required.
· Act as a role model and champion for Information Security and Data Privacy, including the delivery of education and awareness for colleagues across all areas of the region.
· To recommend improvements in practices, processes and capabilities to ensure that APAC operates to the required standards and within risk appetite.
· Prepare and present regular reporting to APAC ERMC as well as country boards and/or risk committees. Provide input to wider Security, Resilience & Privacy reporting for SLA ERMC and main Board.
· Liaise with in region Business Continuity and Physical Security personnel and head office SRP team, ensuring alignment and consistency of standards and approach across all aspects of Security, Resilience & Privacy.
Skills & Experience
· Strong understanding of Cyber Security through practical experience in organisations.
· Strong Understanding and capability in operational risk management as applied to security, privacy and/or technology.
· Strong and broad understanding of how technology operates in a large organisation across operational IT, development, projects and change.
· Good understanding of principles of data privacy and foundational understanding of relevant regulations and legislation in APAC region.
· Strong communication skills, verbal and written.
· Ability to influence at all levels and to communicate complex matters clearly to senior stakeholders.
· Fluent in English and Mandarin.
· The role will be based in Singapore and will cover all of APAC region. The job holder will report to the Chief Security & Privacy Officer of the group and will be a member of the Security, Resilience & Privacy function. The role will also have alignment to the COO and CRO in APAC.