A global asset manager with Asia at its core, offering innovative investment solutions to meet the financial needs of clients is hiring TISO
JOB ROLE: ASSISTANT DIRECTOR - Technical Information Security Officer
Conduct security design review and security risk analysis of new projects, technologies, and applications. Provide security requirement and advisory during design and implementation phase and validate the implementation of such requirement before go production.
Be the subject matter experts to provide security consultancy for various stakeholders in Eastspring APAC across broad spectrum of information security domains, including Cloud platform security, DevSecOPS, SaaS/PaaS security, data security, application security, and infrastructure security.
Act as a SME with strong technical security expertise, working with numerous teams in Eastspring APAC on digital transformation projects, cloud onboarding projects and various group Cyber Hygiene and security control enhancement initiatives.
Work together with Group Information Security team to ensure alignment of local country security controls with Eastspring regional and group security policy/standard/guideline.
Work closely with stakeholders from different Eastspring local country business units including business team, IT, 2nd line enterprise/operation risk, and group/external 3rd line auditor to ensure effective security controls are in place, meeting both internal policy requirement and regulatory requirement on TRM and Cyber Security.
EXPERIENCE / QUALIFICATIONS
At least 10 years of work experience in information security, preferably within financial institution, or from a consulting firm.
Knowledge and experience within the following domains: Cloud security, DevSecOPS, application security within SDLC, data leakage prevention, access control/IAM/OAUTH, API security, vulnerability management, perimeter defence mechanisms such as WAF and DDOS, understanding of emerging threats as well as familiarity with reading and interpretating application penetration test results. A plus to have knowledge in agile development.
Demonstrated experience of working with teams spanning across multiple geographic regions Strong security risk management mindset and security analytical skills.
Knowledge and understanding of regulatory requirement on TRM and Cyber Security.
Strong stakeholder engagement skills and able to work independently with accountability over deliverables.
Act as an individual contributor, as well as a good team player.
Can effectively navigate through a complex environment undergoing change and possess the willingness to get things done.
Ability to deliver work within tight timescales, to budget and to a high quality.
Holder of CISSP and either one or more of below IT security certificates CISA, CISM, CCSP
If you are interested to apply, feel free to write to Pam at email@example.com
Referrals are also welcome
Only shortlisted candidates will be responded to, therefore if you do not receive a response within 14 days please accept this as a notiﬁcation that you have not been shortlisted.
Morgan McKinley Pte Ltd
Lim Sook Fern
EA Licence No: 11C5502
Registration No: R1106192