Your new company
A well-known supply chain and logistics giant.
Your new role
• This role will suit a cybersecurity professional already supporting the Asia Pacific region or someone who can assume more responsibilities and exposure beyond greater China.
• The key focus of this role will be on governance, risk management, and compliance.
• To support ISO27001 ISMS, MLPS 2.0, and SOC2 accreditation and maintenance.
• Develop, improve, and maintain internal repository, IT security policies, standards, guidelines, processes, and frameworks.
• Support the information security risk management and governance alignment.
• Ensure compliance with information security regulatory and contractual requirements.
• Provide policy liaison support, including communication and interpretation of policy requirements and organizational implementation.
• Conduct internal reviews and support external audits and data protection reviews.
• Support various countries’ Cybersecurity, Data Protection, and Privacy matters, including LOB DPOs and cooperating with authorities.
• To support security steering committee meetings and management reporting.
• Where required, provide second-level global RFP support and customer presentations
• Track and monitor applicable regulatory advisories and circulars
• Provide training and awareness education
• Provide security advisory to varied global teams and projects.
• Evaluate technology and solution vendors for internal IT projects.
• To complete additional security assignments as required by senior management.
What you'll need to succeed
• A good bachelor’s degree with professional certification such as CISA, CISSP, CISP, or equivalent.
• A relevant master’s degree is an advantage.
• A minimum of 10 years of work experience, over five years in information security.
• Knowledge of various jurisdiction regulations such as PDPA, GDPR, China Cybersecurity law, Data Security law, PIPL, etc., and industry best practices such as ISO27001, NIST, and CIS Controls.
• Experience with risk assessments, internal quality control activities, and monitoring follow-up actions, including post-security findings and audits.
• Experience handling IT security incidents and conducting investigation and necessary follow-up actions, including containment, recovery, and preventive actions
• Experience supporting large commercial organizations with numerous global sites and technology setups would be an advantage.
• Experience with staff awareness training of security and data protection.
• Self-driven and well-organized, able to lead by example.
• The nature of the role requires communication skills in English and Chinese.
What you need to do now
Sounds like you? Send your CV to Max.sun@Hays.cn or 021-23229667 #1232255
Supply Chain & Logistics
Talk to a consultant
Talk to Max Sun, the specialist consultant managing this position, located in Shanghai
Unit 1205-1212, HKRI Centre One, HKRI Taikoo Hui, 288 Shimen Road (No.1)