Main responsibilities
• Develop and implement IT security and data protection policies that meet international standards (ISO 27001, NIST)
• Responsible for implementing and monitoring security solutions such as Minacast, Zecaler, Microsoft Defender, etc.
• Ensure network, server and cloud environment are securely configured
• Assess and recommend safety tools and technologies, especially the implementation of mobile security systems
• Provide advice to senior management on emerging threats and security trends
• Ensure compliance with data privacy laws (GDPR, PDPO) and industry regulations
• Responsible for ensuring internal corporate data privacy compliance, such as consumer data
• Conduct risk assessment, audit and vulnerability management
• Manage event response plans and coordinate security vulnerability investigations
• Promote safety awareness and training throughout the company
• Prepare a high-level report on security posture and compliance status
• Identify opportunities for improving and automating security operations processes
Job Requirements
• Bachelor's degree in Computer Science, Information Security or related fields
• Holding CISSP, CISM or ISO 27001 Chief Information Security Officer (CISO) professional certifications
• 7-10 years of IT security experience, with at least 2 years in a management position
• Proficient in network security frameworks, encryption technologies, and regulatory compliance
• Familiarity with Minacast, Zesaler, Microsoft Defender, etc. is preferred
• Familiar with consumer data privacy compliance management requirements, especially the regulatory requirements of various countries in the Asia-Pacific region.
• Have excellent problem-solving, stakeholder management, and communication skills
• Proficient in English and Mandarin, familiar with other Asian languages
• Accept occasional business trips to the Asia-Pacific region
