Responsibilities

• Establish and maintain DATAx’s cyber and data security vision, strategy, and information security program to ensure assets are adequately protected and in line with the overall data security requirements of SCBX
• Define and maintain cyber security standards and policies for DATAx
• Act as an ambassador for cyber and data security, on behalf of DATAx, in relevant forums with external stakeholders and SCBX’s subsidiaries
• Understand and influence security legislation that affects DATAx’s data business through regular interactions with the relevant regulators e.g. BOT
• Engage in regular dialog with business stakeholders in DATAx to understand their needs, issues, and pipeline of planned new product/service development and provide guidance to comply with DATAx’s security strategy
• Balance information security needs with strategic business plans, identify risk factors , and determine solutions
• Understand emerging information security threats, assess the potential degree of impacts and prioritize strategic focus areas to address these threats
• Support the building of customer trust through transparent data practices and digital ethics
• Devise measures/controls for DATAx to ensure compliance with security legislation
• Serve the Board and garner confidence that DataX is making appropriate security decisions
• Responsible for driving the strategic direction & rollout for security awareness/training programs to ensure secure behaviors
• Define and approve KPIs for enterprise security governance
• Ensure Security Operations function is appropriately servicing the enterprise
• Collaborate with Internal Audit, Corporate Compliance, Information Technology, and Enterprise Risk to develop procedures for handling security breaches identified as enterprise-wide
• Identify required skills for the organization, assess resource or skill gaps, and train or acquire talent to remediate knowledge gaps
• Oversee the execution of initiatives to resolve cyber security incidents, providing regular updates to board, C-suite and others as required
• Provide oversight of progress and effectiveness of Continuous Improvement plans

Qualifications

• Bachelor's or Master degree in information technology, computer science, management information systems, or related field
• Relevant Professional certification essential: CISSP, CISA, CISM or CRISC
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity
• Experience in setting up and managing information security team
• Experience working in a fast-paced, technology-centric, and/or FinTech industry is an advantage
• Proven experience in planning, organizing, and developing cyber and information security programs in large organizations
• Experience serving as cyber and information security leadership in complex organizations

Core Competencies

• Business Acumen – demonstrate executive level business acumen
• Security Acumen – have an in-depth knowledge of applicable laws and regulations as they relate to cyber and information security
• Executive Communications – develop and clearly articulate a compelling cyber and information security vision that inspires and influences stakeholders and exhibit a strong executive presence with excellent written and oral communication and presentation skills
• Analysis – demonstrate strong analytical and critical thinking skills,
• Leadership – develop talent and assemble a highly effective team
• Relationship Management – build strong internal and external networks

Recruiter

Poranee