x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Legal / Public / Security Job   »   Regional Information Security Officer
 banner picture 1  banner picture 2  banner picture 3

Regional Information Security Officer

Lockton Companies (singapore) Private Limited

Lockton Companies (singapore) Private Limited company logo

Job Description

  • Defining and implementing a Cybersecurity Strategic Plan at Lockton entities in-scope, aligned with the Global Cybersecurity Strategic Plan, business objectives, local and regional regulatory and compliance requirements
  • Determining methods to implement, enforce and advise the Lockton entities in-scope on cybersecurity related issues. This includes educating business and functional leaders on security awareness, operationalization of policies, standards and baselines
  • Mitigating Lockton’s risk exposure at entities in-scope, ensuring that appropriate risk treatment plans are developed to comply with defined risk appetite. This includes risk identification, risk acceptance, solution development and risk mitigation implementation support
  • Leading Lockton’s cybersecurity transformation journey to put in place at entities in-scope, an organization based on key disciplines: Information Security, Cyber Incident Response, Operational Resilience, Data Protection. This includes collaborating on key security tasks, such as incident management, access control, threat modeling, vulnerability management, third party assessments, etc.
  • Ensuring well-informed security decisions are taken, escalating risk, when required to the executive management
  • Ensuring the provisioning of adequate resources (financial, human, technological, etc.) to implement the Lockton Global Cybersecurity Strategic Plan
  • Securing and monitoring the necessary budget and investments to deliver the mission
  • Support information security awareness and training initiatives to educate workforce about information risks and mitigation
  • Ensuring that sound and consistent information security architectures that have been defined and documented are leveraged and effectively communicated to local business lines and technology support groups
  • Ensuring effective governance is in place within the local operation and business environments supporting the global CISO directives and policies
  • Leading the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations
  • Leading or commissioning information security risk assessments and controls selection activities
  • Providing information security interface to the business continuity plan/program for the company's data, information, and assets.
  • Acting as liaison with auditors and regulators regarding their role in information security policies and procedures and is responsible for the closure of audit issues relating to information security locally
  • Liaising with and offering strategic direction to related governance functions (such as physical security/ facilities, risk management, technology, HR, legal and compliance) and senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies
  • Participates on appropriate committees/task forces
  • Provides second, third line information and cybersecurity support, triaging incidents in accordance with the incident response plan
  • Provides cybersecurity support and guidance on privacy, regulatory, compliance events


Qualifications

  • Minimum 10 years of information security experience with at least 2 years as senior security leader responsible for overall security function
  • Team Management & Leadership
  1. Ability to engage with Business Leaders of his/her perimeter as well as with CIO/COO/CISO hierarchy
  2. Organized, self-sufficient with ability to manage teams globally and drive change
  • Ability to prioritize and execute tasks in a high-pressure environment
  • Excellent written, oral, and interpersonal communication skills (English)
  • Demonstrated experience understanding security risks, identifying gaps, and creating risk-mitigating and remediation plans, drawing up IT Security roadmap
  • Demonstrated experience understanding of technical aspects of information and IT technology and core security components such as network, firewall, proxy, VPN, anti-malware, email protection and filtering, system security controls, vulnerability assessment, penetration testing
  • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
  • Good grasp of PCI-DSS, ISO 27001, NIST, UK Cyber Essentials, GDPR, POPIA, and other security norms, regulations, standards & frameworks
  • One or more of the following or similar certifications is a plus: CISM, CISSP, CCISO, CRISC
  • Analysis and synthesis skills


Personal Attributes

  • Executive presence, and the ability to foster relationship management, negotiate and influence
  • Effective communications skills, including both written and verbal communication skills, and the ability to translate security principles into business terms
  • Foundational technical expertise, including both business acumen and strategic thinking, as well as the ability to identify issues and provide innovative problem solving
  • Passionate about driving and sustaining change through committed leadership
  • Creative and results-oriented, who is good at balancing multiple priorities and issues
  • Team player up and down the organizational structure, across countries and IT/ Security departments
  • Ability to form open, effective, and trusting relationships with country CxO members
  • Provides a high level of professional service to customers (both internal and external) consistent with Lockton standards and procedures
  • Good skills in Microsoft Office Suite, especially, PowerPoint


✱   This job post has expired   ✱

Sharing is Caring

Know others who would be interested in this job?