Vice President

**Job Function**:
Information Technology (IT)

**Job Summary**:
The Vice President - Cyber-Security & Compliance develops and drives the vision for the information security function. He/She acts as the authority for the development and enforcement of enterprise security strategy, standards and policies, and has ultimate responsibility for ensuring the protection of corporate information.

He/She is an inspirational and influential leader, who displays sound judgement and decisiveness in ensuring that corporate information is well protected and secured. He/She is strategic in his approach toward resource management and capability development among his/her teams.

**Job Responsibilities/Key Tasks(External)**:
**Manage Cyber-Security Incidents**
- Advise on responses to regulatory inquiries, inspections or audits
- Lead the development of plans to address system vulnerabilities
- Drive resolution of large scale security incidents system vulnerabilities
- Present evidence for legal action arising from cyber security incidents

**Formulate Information Security Strategy**
- Provide strategic, budgetary and administrative advice for implementation of information security strategy
- Drive security awareness and education on information security throughout the organisation
- Establish the organisational cyber security vision, strategy and underlying cyber security initiatives or programmes
- Advise senior management and key stakeholders on information security matters
- Align information security and information risk management strategy with business strategy

**Handle Cyber Security Risks**
- Ensure adherence to international and national laws and regulations on information security and privacy
- Represent the organisation in dealing with external entities on cyber security risk issues
- Supervise the creation of cyber security risk evaluation frameworks
- Supervise the creation and testing of plans for disaster recovery and business continuity
- Inform business stakeholders about the various kinds of cyber risks and incidents and the standards for cyber security compliance

**Establish Security Architecture**
- Ensure the compliance of appropriate plans with regulatory, industry and regional standards
- Define Key Performance Indicators (KPIs to evaluate the security architecture performance Conduct information security and risk management training programmes
- Oversee the design of cyber security architecture and the overall Cyber Risk Maturity Model Assist in developing a framework to measure the effectiveness of security programmes
- Review security architecture to make sure that it addresses technology changes and threats Oversee the formulation of policies for information security and risk management, disaster recovery and business continuity plans
- Analyze current information security practices to ensure consistency with IT standards and industry best practices
- Set and implement rules and guidelines for cyber security legal risk according to industry best practices and standards**Job Requirements**:

- Extensive experience in information security and/or IT risk management with a focus on security, performance, and reliability.
- Solid understanding of security protocols, cryptography, authentication, authorization, and security.
- Good working knowledge of current IT risks, emerging technologies and experience implementing security solutions.
- Experience in enforcing policies and procedures for the protection of IT assets and data.
- Demonstrated ability to build consensus among many stakeholders.
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures.

**Professional Qualifications & Relevant Experience**:

- Bachelor / Master degree in Information Technology, Computer Science, Cybersecurity, or a related field.
- A minimum of 10 years of experience in a combination of risk management, information security, and IT jobs. At least 5 years of experience in a senior leadership role
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), or other similar credentials.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
- Experience with Cloud platforms (e.g., AWS, Azure) and protecting data stored within such environments.
- Understanding of advanced persistent threats, phishing, social engineering, network access controllers, gateway anti-malware, and enhanced authentication.