Role Summary
The ideal candidate must possess strong organization and stakeholder's management skills, a solid background in IT security, including prior experience leading regional programs, establishing governance, and overseeing operations related to vulnerability management.
Main Responsibilities
- Co-ordinate with the regional stream of the global vulnerability and compliance management project.
- Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures).
- Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders.
- Partner with & manage local stakeholders to ensure organizational and procedural efficiency.
- Oversee & support the Business IT departments remediation activities governance.
- Assess, report and address the security risks arising from vulnerabilities & compliance deviations.
- Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field.
- Report regularly to global, regional & local stakeholders including C-level status of the project.
- Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them.
- Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures.
- Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead.
- Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level.
- Improve the efficiency of global procedures for Vulnerability & Compliance management.
- Contribute to the Bank compliance with regulatory requirements and internal policies.
- Provide guidance and support for IT infrastructure projects related to vulnerability management.
- Contribute to the control frameworks in daytoday business activities, such as Control Plans, participation in Audit interview and preparation and delivery of requested evidences.
- Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities.
- Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo.
- Review and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC.
Qualifications & Experience
- Bachelor's Degree in Computer Science, Information Systems, or related field.
- More than 5 years of experience in IT security with a focus on vulnerability and compliance management.
- More than 3 years of experience in a leadership or management role.
- Proven experience on Vulnerability Management activities in Financial Institution environment.
- Technical knowledge and hands on experience with vulnerability management products.
- Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI).
- Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM,CRISC, CEH, etc.).
Technical Skills
- Deep understanding of vulnerability assessment and remediation methodologies.
- Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply).
- Proficient in infrastructure security best practices, technologies and security concepts.
- Program and project management expertise, capacity to lead hybrid project methodologies.
- Advanced skills on MS PowerPoint.
- Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.
Behavioural Skills
- Excellent interpersonal and communication skills ability to influence and motivate.
- Strong leadership and project management skills.
- Strong teamwork and collaboration skills.
- Successful people management experience.
- Strong problem-solving and analytical skills.
