Information Security Executive Officer - DataX - February 11, 2022
Responsibilities
Establish and maintain DATAx’s cyber and data security vision, strategy, and information security program to ensure assets are adequately protected and in line with the overall data security requirements of SCBX
Define and maintain cyber security standards and policies for DATAx
Act as an ambassador for cyber and data security, on behalf of DATAx, in relevant forums with external stakeholders and SCBX’s subsidiaries
Understand and influence security legislation that affects DATAx’s data business through regular interactions with the relevant regulators e.g. BOT
Engage in regular dialog with business stakeholders in DATAx to understand their needs, issues, and pipeline of planned new product/service development and provide guidance to comply with DATAx’s security strategy
Balance information security needs with strategic business plans, identify risk factors , and determine solutions
Understand emerging information security threats, assess the potential degree of impacts and prioritize strategic focus areas to address these threats
Support the building of customer trust through transparent data practices and digital ethics
Devise measures/controls for DATAx to ensure compliance with security legislation
Serve the Board and garner confidence that DataX is making appropriate security decisions
Responsible for driving the strategic direction & rollout for security awareness/training programs to ensure secure behaviors
Define and approve KPIs for enterprise security governance
Ensure Security Operations function is appropriately servicing the enterprise
Collaborate with Internal Audit, Corporate Compliance, Information Technology, and Enterprise Risk to develop procedures for handling security breaches identified as enterprise-wide
Identify required skills for the organization, assess resource or skill gaps, and train or acquire talent to remediate knowledge gaps
Oversee the execution of initiatives to resolve cyber security incidents, providing regular updates to board, C-suite and others as required
Provide oversight of progress and effectiveness of Continuous Improvement plans
Qualifications
Bachelor's or Master degree in information technology, computer science, management information systems, or related field
Relevant Professional certification essential: CISSP, CISA, CISM or CRISC
Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity
Experience in setting up and managing information security team
Experience working in a fast-paced, technology-centric, and/or FinTech industry is an advantage
Proven experience in planning, organizing, and developing cyber and information security programs in large organizations
Experience serving as cyber and information security leadership in complex organizations
Core Competencies
Business Acumen – demonstrate executive level business acumen
Security Acumen – have an in-depth knowledge of applicable laws and regulations as they relate to cyber and information security
Executive Communications – develop and clearly articulate a compelling cyber and information security vision that inspires and influences stakeholders and exhibit a strong executive presence with excellent written and oral communication and presentation skills
Analysis – demonstrate strong analytical and critical thinking skills,
Leadership – develop talent and assemble a highly effective team
Relationship Management – build strong internal and external networks