Deputy Head of IT Security Operation (1 Position)
Position Summary Expectations - Duties, Responsibilities
This position is report to Head of IT Security Operation Department
- Direct and manage activities and personnel of the Information Security Team.
- Propose security policies, initiatives and standards support regulatory compliance, loss and fraud prevention, and breaches in both security and privacy.
- Implement and maintain the Cyber security roadmap, and develop training guideline and material on cyber security.
- Provide management oversight for security tool deployment and implementation.
- Oversees the development, implementation, and maintenance of global security policy, enterprise security standards, guidelines and procedures, develop emergency procedures and incident response protocols, acts as the control point during significant privacy and security incidents.
- Serves as an expert advisor to executive leadership in the development, implementation, and maintenance of a strong information privacy and security program and infrastructure including network access and monitoring policies.
- Operate and manage the visibility on potential threats, vulnerabilities, and Monitor for actions to ensure the safeguarding of information assets.
- Investigates security breaches, communicates to appropriate executive management and local information privacy and security leadership and pursues associated disciplinary and legal protocols; assists locations as necessary to investigate security breaches.
- Conducts periodic penetration testing and security audits, establishes risk assessment criteria and methodology.
- Take part in planning on capital and operating budget for Information Systems Security, supporting through the budget review and approval processes, and monitor departmental performances.
- Collaborates with organizational legal, compliance, security, and privacy functions to conduct reviews/audits, recommend policies and procedures, monitor status, and report violations to appropriate management.
- Serves on the Compliance Task Force and Enterprise Risk Management Team representing Information Systems as directed by CIO.
- Bachelor degree or master degree of computer science.
- Understanding of network security technology, including strategy, design, and architecture as normally obtained through work experiences.
- Requires background at least 2 of the following domains, Application security, security products and technologies, security engineering, networking protocols and data center, security analysis and investigations, risk assessment and management.
- Experience in planning (i.e., process improvement, desired application functionality, organizational structures and planning, etc.).
- At least 3 years of progressive experiences in implementation, managed IT security standard & compliance.
- Knowlegde in project management skills.
- Good public speaking and presentation skills.
- Ability to work in a multi-task environment and under pressure.
- Attention detail and accuracy.
- High proficiency in writing, speaking, reading and listening English.
