APAC Cyber GRC, AVP
Singapore, Singapore
State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.Who we are looking for
An Information Security Officer who will be part of a team across APAC; responsible for ensuring the security of the business and functional teams in line with company security policy and risk tolerances.
What you will be responsible for
· Align to the mission of continuously improving the cyber risk posture regionally; and actively contributing to the global cybersecurity program.
· Consistent and effective engagement with Information Technology, Business leadership to embed security into their strategic and tactical plans.
· Addressing cyber security and risk posture within the region.
· Anticipate and address the cyber security requirements from various regional regulators
· Being a Trusted Security Adviser to the Regional Leadership teams.
· Engage with regional regulators and legal entity boards on the subject of cyber security and cyber risk.
· Assist in the development and successful outcomes of Security KPIs that drive control effectiveness.
· Directly support security assessments and drive required improvements in response to assessments.
What we value
· Foster a high performing team environment.
· Collaborate across Global Cyber Security and business lines to ensure alignment addressing security risk in their products and services.
· Create visibility through effective metrics and reporting.
· Build and nurture positive working relationships with clients with the intention to exceed client expectations.
· Positioning security within the business with the ability to communicate in non-technical terminology.
· Partner with your stakeholders to identify, evaluate, and address cyber security risks.
· Ensures and monitors security compliance with industry and government rules and regulations.
· Coordinates with technology and business groups to assess, mitigate, and monitor IT-related security risks.
· An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
· Report security performance against established security metrics.
· Promote information security awareness program to ensure staff members across the organization understand the trade-off between risk and return.
Desired Outcomes
· Delivery of effective security outcomes that drives improvements of security within the business.
· Continuous improvement of cyber risk posture.
Critical Leadership Capabilities
· Driving results
· Strategic Thinking
· Collaborating & Influencing
· Change Management
· Team Building
· Senior Executive communication
Education & Preferred Qualifications
· Technical understanding and experience developing and implementing innovated techniques and solutions to delivering cost efficient security solutions.
· Hands-on experience or working knowledge in multiple security domains: Network security, Identity and Access, Data Loss / Data Protection, Application Security, Windows/Unix security hardening, security framework, Vulnerability Management, Penetration Test & standards, various protocols (e.g., TCP/IP, UDP, SSL/TLS, SSH, HTTPS, FTP, RDP, LDAP, etc.)
· Knowledge of various Cloud environments, security controls and assurance
· Understanding of key Cyber risk frameworks
· An interest in data analysis, feeding into decision-making processes
· An ability to effectively influence others to modify their opinions, plans, or behaviors
· Ability to react to dynamic changing environments
· Preference not Mandatory : Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) and/or Offensive Security Certified Professional (OSCP)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security CISM CISSP Cloud Compliance CRISC KPIs LDAP Network security Offensive security OSCP Security assessment SSH TCP/IP TLS UNIX Vulnerability management Windows
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.