Excellent analytical & problem-solving skills with good conceptual thinking
Comfortable presenting to executives and senior management
Understanding of information security principles, processes, and controls
Knowledge of APAC laws, rules, and regulations impacting information security
Excellent command of the English Language, with strong verbal and written communication skills
Bachelor’s degree in Information Technology or related field
CISSP or CISA Certification preferred
What you can expect
This role will require competency in information security processes and controls and a strong operational mindset.
What you will do
Responsible to solicit, review and deliver responses on information security processes and controls for regulatory exams, external audits and meetings, surveys/questionnaires, attestations, internal audits, and/or compliance engagements, including obtaining senior management approvals for the release of all responses.
Consults on-demand with internal stakeholders on alerts and advisories published by regional regulators.
Responsible to collaborate with internal stakeholders in identifying, onboarding and submitting non-financial regulatory reports (NFRR) change requests related to information security in a timely and accurate manner.
Assists Regulatory & Exam Management team in providing regional governance and support for escalation of potentially regulatory-reportable cyber incidents.
A self-starter, team player with a strong people-influencing skillset
Drive Regulatory & Exam Management team’s initiatives including globally driven ones based on annual strategy.
Ensure team’s processes and playbooks are up-to-date, effective and efficient.
6-9 years of cyber security/risk/regulatory experience
Certification desired but not required: CISSP, CRISC, CISM
Conduct cyber risk assessment in support of technology initiatives to help identify IT related risk and determine appropriate controls to mitigate risks.
Monitor, track, and manage risk mitigations and exceptions and ensure adequate monitoring capability is incorporated into solutions.