Head of Technology & Security Risk

Job Description:

About Dentsu 

Led by Dentsu Group Inc. (Tokyo: 4324; ISIN: JP3551520004), a pure holding company established on January 1, 2020, the Dentsu Group encompasses two operational networks: dentsu japan network, which oversees Dentsu’s agency operations in Japan, and dentsu international, its international business headquarters in London, which oversees Dentsu’s agency operations outside of Japan. 
 

With a strong presence in approximately 145 countries and regions across five continents and with 65,000 dedicated professionals, the Dentsu Group provides a comprehensive range of client-centric integrated communications, media and digital services through its five leadership brands—Carat, dentsu X, iProspect, Dentsu Creative, and Merkle—as well as through Dentsu Japan Network companies, including Dentsu Inc., the world’s largest single brand agency with a history of innovation. The Group is also active in the production and marketing of sports and entertainment content on a global scale. 

www.dentsu.com 

Dentsu Security are responsible for the scope and delivery of information security activities that cover all dentsu international offices located across 145 countries globally. Our Technology & Security Governance, Risk and Compliance team are responsible for an extensive programme covering technology & cyber security risk management, policies & controls, internal controls assurance and third-party security.

The Head of Technology & Security Risk will lead the Technology & Security Risk function, reporting directly to the Director for Technology & Security GRC.

Key Responsibilities:

• Operate a technology & cyber security risk management function that ensures risks are identified, assessed, articulated and acted upon in a proportionate manner – aligned to dentsu’s enterprise risk management framework

• Develop the global technology & cyber security risk strategy

• Lead executive and management reporting for technology & cyber security risk

• Act as a custodian for the technology & security policies and control framework, including overseeing regular reviews and driving continuous improvement

• Innovate and lead change across Technology & Security Risk ensuring that both existing and future capabilities mature in line with commercial and industry standards

• Own the risk and issue management module within the GRC platform

• Manage key stakeholder relationships (inc. risk sponsors) across global support functions and brands, promoting wider engagement with the Security function

• Lead the Technology & Security Risk team, taking responsibility for the professional development of direct reports

• Provide support to dentsu’s security certification program including the Global Operations ISO 27001 management system

Candidate Profile:

• Experience in leading technology or cyber security risk within a global/large organisation

• In-depth technology and cyber security knowledge, with a strong background in technology or cyber risk management

• Thorough understanding of information security regulatory compliance

• Demonstrable experience of security assessment methodologies and frameworks (ISO 27001, NIST, SOC2, PCI)

• Excellent stakeholder engagement and ability to drive change in a matrixed organisation

• Experience of working with a high degree of autonomy, managing own and others’ workload, and delivering to tight timescales

• Proven ability to work in collaborative environment

• Experience in using enterprise risk management and assurance tooling

• Experience in quantitative risk methodologies (desirable)

• Experience of ISO 27001 aligned security risk and governance programs (desirable)

• Security qualifications: CISSP, CISM, CISA, CRISC (desirable)

#LI-EY1

#LI-HYBRID

Location:

Kuala Lumpur - Wisma Guocoland

Brand:

Global Technology

Time Type:

Full time

Contract Type:

Permanent