The purpose of this role is to manage information security for the business area. This role will be responsible for delivering information security initiatives through the business area, for ensuring controls and culture are maintained and for supporting business security requirements, leveraging global and regional capabilities.

Job Description:

Key responsibilities:

Builds positive stakeholder relationships in the business area

Communicates and supports adherence of the business’ Information Security policy and standard. Works with global centre of excellence teams to ensure policy, standards and projects have local context

Manages information security projects and coordinates resources with regional Technology and business stakeholder staff and external groups

Performs periodic security risk assessments of region markets and brands

Successfully utilises support processes and structures sufficient to ensure the business’ information security risk profile meets corporate goals and is maintained/improved over time

Ensures teams are successfully assessing the scope and impact of incidents and responding with a sense of urgency that matches the incident, following appropriate policies and procedures. Perform "root cause” analysis for major incidents to identify and remediate information security issues

Manages and supports requests relating to client security, e.g. RFPs, client audits etc

Assists stakeholders with BCP/DR test planning, execution, training and maintenance projects

Supports Internal Audit to manage regional audits to include remediation of findings

Supports supplier security processes where onsite supplier reviews are needed

Location:

Shanghai

Brand:

Global Functions

Time Type:

Full time

Contract Type:

Permanent