About the role
We are seeking a dynamic, hands-on Information Security Manager (or Assistant Manager) to join. You will be responsible for balancing technical security rigor with regional regulatory compliance, ISO and DPO guidelines.
About the job
Security Governance & Risk Management
- Implement and maintain a comprehensive Information Security Management System (ISMS) aligned with ISO 27001, NIST, or similar frameworks.
- Adapt security policies to meet the specific cultural and legal requirements of our various regional markets.
- Conduct security assessments of B2B partners and vendors to ensure the integrity of the entire supply chain.
- Study and establish data privacy standards (e.g., GDPR, CCPA, or local equivalents like PDPA/PIPL) across regional operations, and conduct Data Protection Impact Assessments (DPIAs) for new products or regional market entries.
Incident Response & Threat Management
- Oversee security monitoring tools and lead the response to security incidents or data breaches.
- Manage regular penetration testing and vulnerability scans; work with IT teams to ensure timely remediation.
- Coordinate regional incident response tabletop exercises.
Stakeholder Engagement & Culture
- Act as the technical point of contact for enterprise clients regarding security audits and data processing agreements (DPAs).
- Develop and deliver security and privacy training tailored to different regional teams.
Requirements
- Bachelor's degree in IT, Computer Science, or a related field
- With at least 6 years of progressive experience in Information Security and Data Privacy.
- With both experience in in-house environment and consulting environment is preferred
- Experience managing security/privacy across multiple jurisdictions and understanding regional regulatory nuances.
- Professional certifications preferred (e.g., CISSP, CISM, CIPP/E, CIPT).
- Proficient in Chinese and English
Application
Our specialist consultant Wendy will get in touch with you soon, if we find your profile suitable for this position or any other vacancies we are recruiting for.
