The IT Security Manager is responsible for analyzing an enterprise's information security environment and recommending security measures to safeguard its valuable information assets in APAC. It also means understanding the business requirements for security and how best to meet those requirements. The IT Security manager will work with GIS APAC director to develop the overall strategies in APAC. This position must possess a detailed knowledge of the business, as well as information security expertise, to develop and implement security plans appropriate to the level of risk the enterprise faces.
One of the fortune 500 company
The IT Security Manager is responsible for analyzing an enterprise's information security environment and recommending security measures to safeguard its valuable information assets in APAC. It also means understanding the business requirements for security and how best to meet those requirements. The IT Security manager will work with GIS APAC director to develop the overall strategies in APAC. This position must possess a detailed knowledge of the business, as well as information security expertise, to develop and implement security plans appropriate to the level of risk the enterprise faces. The IT Security Manager acts as an advisor to the enterprise's business units, as well as to other risk management functions, such as the enterprise risk management, audit, legal, business continuity management and compliance organizations. For this reason, an up-to-date understanding of the latest security threats, trends and technologies is a crucial component of the position.
- Works with business units in APAC region, and with other risk and security functions to identify security requirements, using methods that may include risk and business impact assessments
- Works with the Global Information Security team to define strategies and plans to achieve security requirements and address identified risks
- Work closely and take responsibility in supporting information security risk management process in APAC region
- Work with BU¡¯s IT and business personnel to ensure smooth deployment and seamless adoption of Data Classification and Data Leakage Protection (DLP) technologies within the organization.
- Work with BU China IT team to support China JV information security activities and compliance with the company¡¯s IT Security policies
- Lead deployment of M&A handbook to support any M&A activities in APAC region
- Take the responsibility in supporting of current deployed DLP and lead the future DLP enhancement project and new deployments for other AE China JVs.
- Performs control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommends remedial action
- Reports to Global IT Security management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
- Plays an advisory role in application development or acquisition projects, to assess security requirements and controls and ensure that security controls are implemented as planned
- Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle
- Assists in the development of security architecture and security policies, principles and standards
- Works with other IT department and members of the information security team to identify, select and implement technical controls
- Develops security processes and procedures and supporting service-level agreements (SLAs) to ensure that security controls are managed and maintained
- Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems
- Develops and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment
- Assists with the resolution of negative audit findings reported by internal or external auditors
- Assists security operations team and associated BU IT staff in the resolution of reported security incidents
- Advises security administrators on normal and exception-based processing of security authorization requests
- Participates in security investigations and compliance reviews as requested by internal or external auditors
- Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies
- Researches and assesses new threats and security alerts and recommends remedial action
- Has ultimate accountability and responsibility from IT security side of DLP enterprise wide project, coordinating with business unit functional teams, IT teams, internal audit, and infrastructure leaders to understand and drive the implementation of appropriate data protection controls, especially for the solution expansion to new BU/site/function.
Please send your English resume in Word Format by clicking on the apply button. Please note that only short-listed candidates will be contacted.