Responsible for leading global cybersecurity compliance programs (e.g. cross border transfer, SOX) in China and other major GLP sites (e.g. US, UK/EU, SG) including identifying compliance requirements, design compliance implementation programs, and conduct necessary assessments.
Responsible for driving compliance requirement implementations across all in-scope GLP businesses.
Responsible for managing and maintenance of compliance required documentations.
Support IT governance team on required audit and due diligence queries.
Responsible for cybersecurity risk assessments including internal cybersecurity assessment for GLP businesses, 3rd party cyber risk assessment for GLP’s suppliers, and on-demand special assessments.
Responsible for leading end-to-end assessment programs including planning, engagement, fieldwork, and reporting.
Overall responsibility of leading cybersecurity awareness including planning and delivery of regular and ad hoc awareness activities, delivery approach and contents
Responsible for raising and continuously improving cybersecurity awareness effectiveness across all in-scope GLP businesses
Responsible for cybersecurity related communications such as newsletter and security alerts
Responsible for managing awareness related tools
GLP Global Cybersecurity Community
Establish and operate GLP Global Cyber Security Community (CSC) to ensure each major business platform or country has a cybersecurity champion.
Regular meet CSC members on cybersecurity task assignment, tracking implementation status and feedbacks on local cybersecurity needs as well as risks
Support the cybersecurity team on vendor management and necessary commercial processes
Others tasks assigned by CISO
High confidence and comfort to work with a global financial institute, take global responsibilities and use English as primary work language.
In-depth understanding on major cybersecurity compliance requirements from China, Singapore, Europe and US
In-depth understanding and long-term practice on cybersecurity risk assessment and 3rd party assessment
Creativity on cybersecurity awareness ideas and delivery approaches
Professional consultancy skills for communications and presentation
Ability to work independently with or without direction and/or supervision;
Ability to be flexible on job prioritisation and manage multitask in a complex environment;
Ability to influence and communicate effectively with both technical and non-technical audiences, including senior business executives and managers;
Education Background Bachelor Degree of Information Security, Computer Science or Other Related Majors
Professional Skill IT or cybersecurity compliance and risk knowledge
Cybersecurity risk and compliance assessment
Training in front of large group of people
Reporting for senior management members