Reporting directly to Chief Information Security Officer of North Asia and SAPMENA, this position will be responsible for all aspects of cybersecurity and technology risk management across LOréal ASEAN & ANZ (Australia, Indonesia, Malaysia, New Zealand, Philippines, Singapore, Thailand, and Vietnam). The role will be acting as the BRM (business relationship manager) for South Asia countries and coordinate the roll-out of LOréal group cybersecurity program with the in-scope perimeters.
This is a leadership role that requires an individual with a strong communication skill, as well as the ability to work across the IT organization, divisions, and the business teams to align information security priorities and controls with key business objectives.
Work closely with the business team including the senior leadership to ensure the properly roll-out of global security program
Maintain the good relationship with business teams, deal with the business demanding and leverage the existing cybersecurity line of services to deal with the business request
Lead the development and implementation of the global cybersecurity program, support the cybersecurity regional team and central PMO on global cybersecurity projects prioritization
Development, implementation, and enforcement of information security governance including policies, standards, and procedures in collaboration with business and support functions teams, e.g., legal
Development and execution of IT security education plans in partnership with internal communication to raise awareness around IT security risks and best practices
Ensure excellence in Information security operations and appropriate service level agreement in response to IT security issues
Management of regulatory and compliance requirements ranging from leading IT efforts in litigations and investigations to LOréal Group policies
Act as the IT liaison to lead communications with internal and external auditors and ensure compliance
Selection and management of external security management vendors and service providers to support security planning and implementation as organizational needs and resource levels required
Ensure appropriate information security Incident Management and escalation
Support major, and complex information security operations and technology projects that have tactical, operational, and strategic impact to all business segments
Ensure a healthy balance between real-world risks and the business need for speed, agility, flexibility, and performance
Ensure information security collaboration and compliance at the zone and group level
Requirments:
Bachelor's or masters degree in Computer Science, Information Security or a related field or discipline is ideal. A minimum of 10+ years of combined experience with in-depth technical knowledge and experience in information security, security operations, security project management etc. Professional industry certifications are preferred, e.g., CISSP, CRISC, CISM, CISA, CRISC, PMP, etc.
Proven and effective leadership skills, as well as demonstrated proficiency in providing requisite oversight for information security operations
Excellent interpersonal skills, as well as an ability to interface effectively with senior leadership of the corporation, employees, and external partners etc.
The ideal candidate will meet the experience requirements identified above and will also reflect a background that includes:
Previous experience in support of IT digital and/or cybersecurity transformation
A commitment to the crucial concept of promoting security as an enabler and not an inhibitor of business
Dedication to compliance as reflected in comprehensive policy, standard, and procedure development and implementation
Solid experience in security related processes such as risk management, vulnerability management etc.
Demonstrated project management skills and experience for better coordinating the global cybersecurity program
You can apply to up to three jobs within a rolling 30-day window.
You cannot withdraw your application once you applied, so please make sure to choose a job that matches your dreams.
Please visit Your Application Space to see the jobs you have already applied to.
Please dont create another account with a different email. If you do so, your account might be merged and your application record will be deleted.
