外资消费品公司
Regional Cyber Security Lead APAC
快速消费品
网络安全
上海
10年以上
本科
面议
公司介绍
外资消费品
职位描述
Regional Cybersecurity Leadership
- Drive the APAC cybersecurity strategy in alignment with overall business and technology objectives, establishing and operating a risk‑based security program across the region.
- Serve as the primary cybersecurity liaison for APAC IT, digital, and business stakeholders.
- Lead regional response efforts for major cybersecurity incidents, coordinating with global security teams, SOC, IT, Legal, Privacy, and Communications, ensuring timely executive escalation and adherence to regulatory obligations.
- Deliver regular executive‑level reporting on cyber risk posture, incident trends, and control maturity.
Governance, Risk, Compliance
- Develop and maintain regional cybersecurity governance frameworks.
- Lead cyber risk assessments and drive remediation initiatives.
- Maintain and enforce security policies and standards, supporting regional SOX ITGC compliance activities.
- Conduct regional cyber risk reviews and ensure closure of identified control gaps.
- Promote security best practices and regulatory compliance across APAC.
Security Architecture & Operations Oversight
- Partner with global and regional cybersecurity teams to oversee security across network, cloud, application, endpoint, data, and identity domains.
- Review IT systems, applications, and infrastructure—directly or with SMEs—to identify risks and recommend remediation actions.
- Oversee vulnerability management, including identification, prioritization, remediation tracking, and escalation of significant exposures.
- Provide governance over security operations, SOC engagement, and major incident response processes.
Third‑Party & Supply Chain Security
- Lead third‑party security assessments and ongoing vendor risk management across APAC.
- Support contract negotiations by advising on security requirements and risk‑based decisions.
People & Stakeholder Management
- Mentor and develop regional cybersecurity team members.
- Act as a trusted advisor to IT, Legal, Compliance, Privacy, and business leadership teams.
职位要求
- 10+ years of experience in cybersecurity, information security, or IT risk management.
- At least 3 years in a senior or regional cybersecurity leadership role.
- Experience with IT audit; hands‑on exposure to SOX IT General Controls in a large or publicly listed organization is preferred.
- Demonstrated ability to operate effectively across multiple APAC countries and cultures.
- Language: English (required, business and technical fluency); Japanese and Korean (preferred).
- Preferred Certifications: CISSP, CISM, CRISC, CCSP, CISA, OSCP, CISP, CKS, CCSK, ISO/IEC 27001 Lead Implementer/Auditor, and cloud security certifications (AWS, Azure, GCP).
咨询顾问
Shawn Cong
团队经理-IT & Cyber Security
分享