Regional Security Manager - Asia

Overview

Mayer Brown is a leading global law firm with offices in 26 key business centres across the Americas, Asia, Europe and the Middle East. With approximately 200 lawyers in each of the world’s three largest financial centres — New York, London and Hong Kong — we are uniquely positioned to advise leading companies and financial institutions on their most complex legal needs. We have deep experience in high-stakes litigation and complex transactions across industry sectors, including our signature strength, the global financial services industry.

We are a collegial, collaborative and diverse firm where highly motivated individuals with an unwavering commitment to excellence receive the opportunity, support and development they need to grow, thrive and realise their greatest potential. We also encourage all our people to use their skills to support the wider community through our pro bono and community volunteering programmes. At Mayer Brown the principles of mutual respect, dignity and understanding are central to the way we work and help to provide an environment where diversity and inclusion are embraced.

Operating as Mayer Brown PK Wong & Nair in Singapore we have been working in a Joint Legal Venture since 1 January 2023. Singapore is one of our fastest growing offices in the region and it is an exciting time to join the firm as we transform.

Responsibilities

The Regional Security Manager (Asia) will be responsible for providing technical leadership for strategic projects and initiatives on the security roadmap, as well as participating in more general network security and architectural efforts. The person will collaborate with other managers, engineers and departments to apply and support best practices for security, server building, change management, account management, documentation, and user experience management.

Responsibilities:

• Encourage team to provide continuous feedback to one another and upper management of the Global Security team and the Chief Information Security Officer.
• Monitor and maintain the security status of the Firm’s network and the intellectual assets held, in accordance with the Firm’s security policies.
• Help the Global Information Security Manager and Global Director of Information Security/CISO as a liaison to the regional General Counsel and Risk Management.
• Perform e-discovery related matters, executing searches and producing output as required by the Firm.
• Ensure that Mayer Brown has a secure architecture for authorization and authentication internally, as well as business to business.
• Ensure that all security risks are managed, mitigated and communicated clearly and effectively.
• Ensure that objectives are achieved by working closely with all members of the IT organization and byparticipating with the Global Security Team within the security model.
• Ensure that change controls are adhered to and communicated to the partners and staff.
• Assist the Global Information Security Manager and Global Director of Information Security/CISO in leading the team past any internal and external barriers that affect the Firm’s security.
• Keep abreast of all specific security issues and communicate to the Global Manager of Information Security.
• Assist in development and maintenance of all documentation related to Global Security Team operations and functions.
• Classifying Information and Data – setting classification standards and defining security roles.
• Manage security projects and initiatives.
• Control access to the firm’s Information Systems and related security configurations.
• Secure hardware, peripherals and other equipment logically and physically.
• Develop, implement, and maintain in-house software security and hardware.
• Assist HR regarding personnel issues relating to security.
• Assist the Global Information Security Manager and Global Director of Information Security/CISO in mitigation of threats intelligence from external sources such as Government agencies, LS-ISAO community, and local law enforcement.
• Detect and respond to incidents of a security nature within the Mayer Brown environment.
• Address all Asia based tickets sent to security and assist other regions.
• Ensure monitoring and alert notifications are implemented in accordance with the business needs.
• Assist in the preparation, approval, implementation and adherence of the Information Security Policy within the firm.
• Assist in the development and authorization process of all new IT policies introduced, ensuring that the necessary security audits and tests are carried out prior to being introduced into production.
• Assist the Global Information Security Manager with client audits and questionnaires including .
• Ensure that third party providers of Mayer Brown are audited in relation to our security guidelines to protect the Firm’s data and assets.
• Regularly monitor the Firm’s compliance with the security policies and report on concerns.
• Regularly work with members of the global security team to monitor the firm’s client requirements in relation to security processes, policies, and guidelines.
• Identify and communicate to upper management the cause of all security incidents, making recommendations as to how the specific incidents can be mitigated in the future.
• Assist in ensuring that Mayer Brown’s employees appreciate the benefits of security to the organisation, themselves and their working environment.
• Review new builds periodically to verify all security standards are being met and applied.
• Ensure the IT Security site on Global Net stays updated with current material.
• Ensure whenever possible that undesirable use of IT facilities is prevented/minimised at all times.
• Perform digital forensics on technology as requested by Human Resources, Information Technology or General Counsel.
• Willing to travel 25% domestically / internationally as needed.
• Function where feasible in relation to security duties, in a variety of roles including technology expert and vendor coordinator including identifying viable technologies, gathering requirements and providing recommendations on specific solutions and firm policy modernization relating to Mobility.
• Assist the Global Information Security Manager in monitoring and controlling IT security expenses in Asia.
• Manage security vendors in relation to Asia matters.

Qualifications and Experience:

Education

• 4 year degree or relevant work experience.

Certification

• CISSP, CEH, or relevant work experience regarding security and networks.

Computer Skills

• 7 years of experience in an Information Security department.
• Excellent working knowledge of CISSP, CEH and CISM.
• Excellent knowledge of the ISO 27001 security standards.
• Good working knowledge of networking.
• Excellent knowledge of security standards.
• Ability to effectively work with and communicate with the Firm’s clients
• Good documentation experience.
• Excellent knowledge of a Microsoft Exchange email environment.
• Good knowledge of Disaster Recovery.
• Good knowledge of authentication methods.
• Technical knowledge of cloud environments such as Azure and O365.

Performance Traits:

• Ability to speak Cantonese and Putonghua and read simplified and traditional Chinese.
• Must work well with others and contribute to the success of the team, communicating openly with teammates. Willingly asks questions where appropriate and guides others whenever possible.
• Personable and approachable.
• Able to work on own without direct supervision.
• Adaptable and flexible.
• Customer-service focussed.
• Excellent telephone manner.
• Ability to work under pressure and meet strict deadlines.
• Uses own initiative.
• Ability to weigh business needs against security concerns and articulate issues to customers and senior management.
• Willingness to challenge the status quo.
• Ability to be on call and respond as necessary.

The above is a general description of the essential duties associated with this position and does not represent an exhaustive or comprehensive list of all duties.

We are no accepting applications from Recruitment Agencies for this vacancy.