Information Security Management

• Manage and maintain Information Security Management System as per global standard and aligned with industrial/ISO standard
• Conduct regular internal audit according to the global/industrial/ISO standard to identify potential non-conformance and ensure the corrective and preventive measures in place and ready for external assessment
• Support internal stakeholders to develop and deploy corresponding controls and processes for fulfilling the information security policy
• Support business unit for external certification assessment on ISO27001, SOCs or information security related
• Manage information security incident with support from incident owner and report the incident to country ISM and global, follow-up with incident owner for remedial action and mitigation plan

Business and Operation Risk Management

• Manage and maintain Risk Management System as per global standard and algined with industrial/ISO standard
• Manage company-wise risk registry log and keep tracking the status of control and mitigation plan, update to senior management for all critical risks

Business Continuity Management

• Manage and maintain a company-wise business continuity plan as as per global standard and aligned with industrial/ISO standard
• Manage BCP activation and restoration from decision of Crisis Management team including consolidating all the issues identified

Customer Audit/Compliance-check Management

• Coordinate with relevant internal parties to prepare the supporting document, interview meeting for customer compliance-check/audit

• Degree holder in Computer Science/ IT/ Engineering or related discipline
• Minimum 8 years of experience in compliance and risk management with Auditor of ISO 27001
• Experience in Networking/IT/Engineering/Critical Facility industries preferred
• Professional in ISO27001, SOCs and other information security standards; Professional in risk management and business continuity management; Knowledge of industrial operation standard/best practice for DC facilities, Network & IT infrastructure
• Team Player, Highly self-motivated and ownership taker
• Able to work under pressure and independently without supervision
• Able to managing multiple priorities and with ""Can-do"" mindset