Share this Job
Create Alert

Regional Lead of Information Security

Date: 05-Jul-2019

Location: Singapore, Singapore

Company: Panalpina

Req ID: 157344
Job Function: IT
Full-Time/Part-Time: Full-time
Contract Type: Permanent
Job Level: Management
Purpose of the position

* Accountable for leading Regional and Country Information, IT Security and Risk Management capabilities. These include implementing, overseeing and reporting on security controls, processes, services and technologies; managing security risks. Emphasis will be on enforcing Panalpina IT security, quality and adherence to corporate security policies.

* Single point of contact for all security related incidents and matters for the Region and respective countries.

* Interacts on Regional, Area, Country and Business Unit levels.

* The role reports into the CISO.

Key Responsibilities

* Management / leadership of the Regional and Country Information, IT Security and Risk Management capabilities.

* Implement Panalpina security policies, standards and processes within the region.

* Ensure security technologies and services are properly implemented and managed with the region.

* Support coordination and regional roll-out of global security-related programs and initiatives.

* Regular assessment and reporting on security risks and overall security controls’ maturity within the region. Implementing required mitigation actions.

* Implementing information security awareness and education programs within the region.

* Establish strong relationships with all stakeholders and functional leadership in region and at corporate level.

* Manage involved providers and 3rd parties.

* Act as focal point of contact for all regional security matters. Provide security advice in projects, operations, Mergers & Acquisitions. Support security reviews, audits and third party assessments. Respond to Customer, Regulatory and/or Supplier security demands (e.g. RfPs, RfIs and RfQs).

* Manage all security incidents, breaches, threats for the region and respective countries.

* Ensure that key aspects of the security strategy and key information are communicated and distributed within the region.

* Be aware of relevant national security programs, legislation and regulatory compliance that apply to Panalpina information assets which could affect the business operation. Establish contacts with local law enforcement agencies and other relevant bodies, as and when required.

* Ensure regular reporting and communication to CISO on security matters and risks.

* Perform assigned tasks to support Panalpina meets its objectives and targets regarding quality, health, safety and environment as documented in IMS and follow all requirements as set out in the QHSE policy.

* It is the responsibility of all staff to ensure that their day to day activities embrace sustainability/Health and safety therefore reducing the impact upon the environment, supporting the communities we work in and reducing incidents in the workplace.

Decision Making Authority

* Decision maker and escalation point for all security matters in the region and respective countries.

Function / Market & Industry Knowledge / Business Acumen / Process working

* Knowledge of Information Security best practices, such as ISO27001/2, NIST

* Good understanding of relevant compliance regulations, such as data privacy

* Experience in implementing security policies and controls

* Experience with information security incident response

* Exposure and experience with the range of security technologies in a complex environment

* Understanding the balance between the management of risk and the capability for the Business to continue to operate

* Interest in promoting and enhancing security awareness

* Project management skills

* Willingness to travel globally

Skills & Competencies

* Ability to manage efforts/resources within and across boundaries to deliver goals

* Solid Planning & Organization skills (ability to prioritize, plan, assign & control)

* Ready to take personal accountability for achieving individual and shared goals

* Good communication and stakeholder management skills through all hierarchies

* Strong background in Information Security and Risk Management

* Willingness to learn and self-develop on the topics of Information Security

Educational background / Work experience

* A Degree in fields such as Computer Science, Information Systems, and Engineering or equivalent work experience

* A professional information security certification, such as CISM, CISSP, CISA, CRISC or other – is preferred

* Professional experience in implementing security policies, controls, technologies and managing risks

* Solid experience in enterprise information security in large corporate environments

* Experience in project management

Language Skills

* English: fluent written and spoken

* Other languages are beneficial