Business Information Security Officer
Singapore - FWD
FWD Insurance
Weβre FWD. A different kind of insurer with a vision to change the way people feel about insurance. Discover our story.FWD Group is a pan-Asian life insurance business with more than 11 million customers across 10 markets, including some of the fastest-growing insurance markets in the world. FWD reached its 10-year anniversary in 2023. The company is focused on making the insurance journey simpler, faster and smoother, with innovative propositions and easy-to-understand products, supported by digital technology. Through this customer-led approach, FWD is committed to changing the way people feel about insurance. Visit www.fwd.com
In Singapore, FWD aims to change the way people feel about insurance by leveraging technology to deliver products and services that are relevant, easy to understand and always convenient for our customers. To this end, we have a direct-to-consumer (DTC) platform that allows customers to buy their preferred life and general insurance products directly from our website; as well as a network of preferred Financial Advisory (FA) firms for customers who want to speak with an advisor before committing to an insurance plan. Whatever their preference, we believe insurance should be simple, reliable and convenient.
Similarly, if you are looking for a career where you can create a real impact and celebrate living, we invite you to join us on our exciting journey.
PURPOSE
- Drive IT Security function for the Business Unit, together with IT team members, Group IT Security Shared Services and vendors.
- Define Local Business IT Security Program.
- Ensure FWD policies and standards compliance within the Business Units. Register any exceptions or deviations and manage resolution plans.
- Ensure IT projects and IT software development lifecycle include security by design and go through the required IT Security tollgates.
- Perform security awareness for the Business Units and its IT Teams.
- Support and evaluate local Business or IT needs with the involvement of Group IT Security SMEs, when required.
- Coordinate Group IT Security initiatives rollout in country.
- Support the preparation of IT Security Metrics and Risk Mapping, along with the resolution of deficiencies identified on those Metrics.
- Manage allocated resources to deliver a project or initiative (either internal FWD staff or vendors).
- Collaborate with Group Cyber Incident Response on any potential identified incidents that may involve the Business Units.
- With support from Group, Local Teams, ensure compliance with Singapore regulatory requirements such as MAS TRM & Outsourcing Guidelines, PDPC and other applicable financial services.
KEY ACCOUNTABILITIES
- Lead Business IT Security, with the support of the local IT Team and Group IT Security.
- Define and maintain a Local Business Unit IT Security Program, to perform continuous improvement on the Business Unit security posture.
- Drive local Business Unit IT Security initiatives and projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.
- Coordinate Group IT Security initiatives rollout in country.
- Support the preparation of IT Security Metrics and Risk Mapping, along with the resolution of deficiencies identified on those Metrics.
- Drive awareness and support to Group IT Security, Group IT and the Business Unit IT, to understand the IT Security Solutions and Processes, as well as their implications across the organization.
- Work closely with the Head of IT and Group CISO, through tracking and reporting function, to ensure regular updates to management on the IT Security Program and risks.
QUALIFICATIONS / EXPERIENCE
- Degree from Information Technology or equivalent discipline.
- Minimum 8 years working experience in IT Security Management role, preferably in Financial Services.
- Business IT Security leadership experience.
- Certification on CISSP / CRISC is preferred.
KNOWLEDGE, SKILLS & ABILITY
- Excellent knowledge of overall IT Security domains.
- Experience on multicultural virtual/distributed team coordination and communication.
- Ability to define, prioritize and execute process in a precise and structured manner.
- Excellent communication, presentation and influencing skills.
- Insurance business general knowledge
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index π°
Tags: CISO CISSP Compliance CRISC Incident response SDLC
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.