Job Summary

We're looking for a Head of Security Program and Posture Management who will take charge of crafting and sustaining our cybersecurity strategy. In this role, you'll also oversee cybersecurity transformation initiatives and programs, as well as monitor activities to guarantee our cybersecurity is consistently at the level we've agreed upon with stakeholders. Your responsibilities will include ensuring alignment with our planned security architecture and safeguarding against cyber fraud. Additionally, this position carries the responsibility of leading our efforts in Threat Intelligence operations and execution.

Job Description

• Cybersecurity Priorities and Strategy Lead: Take the lead on setting our cybersecurity priorities and strategy, reporting directly to the Head of Technology Security and Cyber Fraud Prevention
• Cybersecurity Posture Management Lead: Lead the management of our cybersecurity posture in collaboration with other Technology Security leaders, ensuring that our security remains robust and up to acceptable standards. This includes coordinating with external auditors, internal auditors, financial crime experts, and our group company to develop cybersecurity programs
• Enhance Cyber Fraud Prevention: Lead the technical development of programs aimed at strengthening our defense against cyber fraud, working to fortify our applications
• Collaborate on Solution Roadmaps: Work closely with Business Coordinators and Technology Security leaders on cybersecurity solutions and platform replacement roadmaps, including managing the entire lifecycle of our assets
• Manage Service Catalogue: Coordinate with Business Coordinators and other Technology Security leaders to create a cybersecurity service catalog for third parties and oversee the end-to-end service charging scheme and tracking
• Incident Response Leadership: Lead Technology Security team leaders and others in responding promptly to cybersecurity incidents that affect our security posture, ensuring timely action, tracking, and effective remediation
• Cybersecurity Threat Intelligence: Take charge of cybersecurity threat intelligence operations and third-party cybersecurity posture monitoring and maintenance. This involves collaborating with Security Team leaders and members, periodically publishing and communicating threat intelligence analysis to designated stakeholders
• Drive R&D and Innovation: Lead research and development efforts on cybersecurity technology and approaches to continually enhance our cybersecurity measures
• Performance Management: Define and review personnel actions and key performance indicators (KPIs) related to cybersecurity projects, transformation initiatives, and activities that proactively and reactively impact our cybersecurity posture and strategy. Prepare ad hoc reports, lead briefings, create presentations, write speeches, and handle responses to various organizational and strategic cybersecurity agenda items and issues
• Dashboard Maintenance: Maintain and update the cybersecurity posture program and measurement dashboard to ensure continuous improvement and keep track of our current posture status

Program Coordination

• Acts as the primary point of contact for cybersecurity programs and transformation projects that are critical to the functional and strategic success of Technology Security.
• Supervise and lead the course of cybersecurity changes and cybersecurity elevating projects
• Provide strategic direction and oversight for cybersecurity projects, people capabilities, process improvement, and cybersecurity posture agendas
• Conducts project status meetings with the Head of Technology Security and the leadership team to support the organization's cybersecurity goals

Qualifications

• Bachelor’s or master’s degree in computer science, computer engineering, information technology, or a related field
• At least 10 years of experience in information security or a related field.
• In-depth knowledge of industry best practices and standards, such as ISO 27001, NIST, and CIS
• Strong communication and problem-solving abilities, as well as the ability to articulate complicated security issues to non-technical stakeholders.
• Effective English for oral and writing communication is required.
• Knowledge of cloud security
• Certifications such as CISSP, CISM, or CISA are advantageous.
• Experience managing Cybersecurity Uplift/Transformation programs, as well as Cybersecurity Leaders, is a plus.

Recruiter

s84404@scb.co.th