A leading global financial services organisation is seeking an Information Security Officer (APAC) to join their Global Cyber Security Team.
The role will support both Business and IT to meet NIST control standards and to implement and support the adoption of security governance. The role will provide support in the implementation of mitigating security measures to decrease vulnerabilities and lower operational risks.
It sits within Line 1, with close contact to Line 2.
We're looking to promote a robust and efficient security control environment. The role will perform relevant analysis to ensure current and emerging risks are appropriately identified, documented, assessed, mitigated and monitored.
Supporting the Global Information Security Officer and reporting directly to the CIO, this is a hands-on, business facing role ensuring NIST standards are met and embedded across the organisation.
Although it's a global institution which can sometimes suggest a slow, more corporate setting, this environment is far from it! It's fast-paced, challenging and a far more exciting place to spend your days. Tasks are actioned quickly and progress is fast.
Duties and responsibilities:
Work with the business in developing and embedding the NIST control standards (in a line 1, close to line 2 capacity)
Cybersecurity risk management practices, including third party security risk management
Implement and support both IT security and "business functions" in the adoption of security governance
Identify and perform continuous improvement initiatives including assisting in maturing the policies, standards and procedures owned by the team and helping to embed these across the organisation
Drafting cybersecurity risk memos and papers to senior management on topics such as risk acceptances, emerging risks, incidents and issues
7+ years' experience working within Cybersecurity Governance, Compliance & Risk
Implementation experience (ISO27001)
Strong understanding of assurance methodologies and testing protocols
Understanding of Cyber Security regulatory standards and frameworks, including NIST FS, ISO 27001/2, ISF Standards of Good Practice, PCI DSS, FIPS and HIPAA
Strong verbal and written communication skills
Relevant tertiary qualifications in commerce, IT etc.
CA, CISP, CCSP, CCSK, CRISC, ISO27001 or CISM or equivalent qualifications highly desirable
If this opportunity sounds of interest, please click 'Apply' or email your resume directly to email@example.com