Information Technology Security Manager

Role Purpose:
This Information Technology Security Manager is for Group Information Technology Security, support IT Security Governance.

A typical day in this Role:

• Assist in the development of AS Watson Group Information Security policies, standards, and procedures.
•  Support the on-going maintenance and review of the policies and procedures according to the industry best practices and standards (e.g. ISF, ISO 27001, PCI-DSS etc.), technologies, relevant regulatory and group requirements
•  Evaluate and manage capabilities that enable the organization to reliably achieve objectives, address uncertainty and act with integrity, as a whole more responsive and efficient in a consistent manner
• Act as the main responsible party to drive and align the policy compliance across AS Watson group and the regional business units
•  Perform and manage regular Information Security and Control assessment to ensure that business units are comply with the Group Information Security Policies and Standards
•  Manage audit findings remediation to mitigate the risks
• Identify and address cyber risks and requirements in order to protect the organization from adversity, surprise and weakness
• Monitor Information Security and Risk control, and test to determine the control performance and effectiveness
• Support the Cyber Security project implementation and daily activities with respect to Information Security best practices and risk assessments
• Responsible to support Regional Information Security and Risk Governance for the Asia countries to ensure the Security posture of business units are properly measured, monitored and managed
  

This job is a good fit for You if:

• You are a COMMUNICATOR.  You have an ability to pick up on people’s underlying motivations and these insights makes you persuasive and inspiring.
  
• You are a MEDIATOR.  You will try to bring people with divergent views closer together, to reach consensus and get everyone on the same page in order to maximize the teams' results.  
• You are a STABILISER.  You’re methodical, careful and disciplined. You believe it’s important to follow a structured process  and like structure in your work. . 
  
• You are a DETAILER.  You deliberate fully before making decisions and will need to see all the facts before reaching a conclusion. You follow up rigorously.

What we look for:

• At least 7 years hands-on experience in IT Security, Governance and Risk Management, with 2 years in managerial and team leading position
•  Extensive knowledge and understanding of Information Security framework, such as ISF, ISO27001
• Sound knowledge of Information System, IT Operation and IT Audit
• Good stakeholder engagement and management skills
• Great sense of ownership and servicing mindset
• Strong liaison skill, teamwork, passion and commitment mentality
• Strong self-motivation, with good leadership, interpersonal and analytical skills, lead through influence, communicate effectively to stakeholders on risk management and cyber security governance
• Strong problem solving and project execution skills; able to handle changing priorities and drive difficult decisions; highly dependable team player with ongoing commitment to excellence
• Relevant professional certification, such as CISA, CISM, CRISC or CGEIT is desired
• Candidate with less experience can be considered in position as Lead

We are an equal opportunity employer and welcome applications from all qualified candidates. The information provided will be treated in strict confidence and be used only for consideration of your application for relevant/ similar posts within the A.S. Watson Group.