Job Description :
Are you looking for unlimited opportunities to develop and succeed? With work that challenges and makes a difference, within a flexible and supportive environment, we can help our customers achieve their dreams and aspirations.
Job Overview :
This position can be at the grade of senior manager, associate Director or Director. But it is not a senior Director position.
The incumbent will be responsible for securiity architecture for projects / solutions implemented / managed by GIS Asia.
Job Description :
Drive the design and architecture, and / or the implementation of Global IRM projects affecting GIS in Asia.
Work closely with technical teams under Global Infrastructure Services and outsourcing vendors as well as Global IRM to ensure Asia implementation alignment with Global design and compliance with IRM policy and standard
Partnership with other IRM team in Asia to factor in the requirements and smooth the communications to all stakeholders in the rollout of security solutions.
Propose, review or validate security designs associated with all infrastructure projects.
Propose, review and validate Disaster Recovery design for infrastructure projects.
Define or review security hardening standards for various infrastructure technologies
Produce design solution for security components in infrastructure projects when needed.
Working with the project risk assessor and the project team, proactively identify security risks in infrastructure design and implementation.
Participate or lead hands-on security operation works such as security hardening standard implementation and compliance check, privilege ID management, reduced / single sign-
on solution implementation, firewall rule review, security incident handling and so on.
Required Skills / Competencies :
Undergraduate degree in computer science or engineering.
Information security (CISSP, CISM, SANS) and auditing (CISA) designations.
A minimum of 10 years of experience in progressively responsible IT security roles.
Broad knowledge of security architecture and controls in various infrastructure platforms and VM environment.
Knowledge of privilege management system, SIEM / big data solution for security monitoring, NAC, vulnerability management solution and operating model, PKI / Encryption technology, APT solutions (fireeye / Mcafee ATD), Firewall / IPS, WAF etc.
Knowledge of the security components in cloud based infrastructure, and mobile device platform.
Excellent skills required for interacting with cross functional teams in different locations. Demonstrated ability to work effectively in diverse environments and cultures, across a number of office locations.
Well-developed impact and influence skills.
Track record of building strong relationships across business functions.
Ability to act with integrity and independence is at the core of information risk management.
Excellent customer focus and commitment to quality.
Ability to effectively communicate ideas and recommendations orally and in writing, at Division and Corporate levels, and to listen and consider ideas of others.
Able to communicate in non-technical terms in a clear and concise manner.
Ability to quickly understand technical processes and their risk implications, analyze complex situations, reach appropriate conclusions, make value-
added and practical recommendations and influence management to take appropriate actions on recommendations. Ability to understand the business impact of information risk management issues.
Demonstrated ability to deal effectively with staff at all levels from managers to AVPs.
Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized. Results oriented; ability to balance multiple priorities and projects.
Ability to work with teams in Eastern Time zone, i.e. evening meetings.
Ability to challenge the status quo, assess business risk and make appropriate decisions. Ability to deal with a constantly changing environment and the diverse and complex issues associated with it.
Prioritization and time management in a multi-tasking environment; meeting commitments while maintaining flexibility to meet changing priorities.
Demonstrate professionalism and a positive attitude in difficult situations, and ability to work effectively with any organizational politics.
Collaborating with management to obtain a consensus on establishing the problem, risks exposure, and corresponding recommendation to resolve the risk exposure.