Job Search

Head of IT Security, Asia

Apply now Job no: 508520
Brand: FCM
Work type: Full time
Location: Singapore
Categories: Information & Technology

Head of IT Security, Asia

Flight Centre Travel Group is looking for a forward looking and dynamic leader to provide direction for the security technologies and capabilities within the Asia businesses within the organisation and drive the regional security practice. Reporting to the IT Director, Asia, the Head of IT Security will have a strong understanding of security and privacy principles, and a sound understanding of the regulatory environment affecting the business.

The Head of IT Security will need to have a solid understanding of the business drivers affecting security within the company as well as providing up to date security expertise across the region. Leading a team of 4 direct reports, the Head of IT Security will lead the design, implementation, operation, and maintenance of the information security management system within the company.

Key Responsibilities

  • Security Risk Management
    • Work with IT Director, CISO and Risk to identify risk exposure and manage the security risk to the organisation within the risk appetite
    • Review and evaluate new security technologies and practices for introduction into the organisation to reduce risk
    • Implement a systematic and structured process for the identification and management of security risks
    • In conjunction with Data Protection and Compliance, identify information management and protection laws and regulations and implement actions to ensure compliance
  • Security Governance
    • Review, maintain, and disseminate security policies in line with FCTG’s risk appetite, security strategy, relevant laws and security standards, and best practice
    • Implement, monitor and review security controls in accordance with the organisation’s security policy and business drivers
    • Lead the implementation and management of an internal and external audit and security testing program to validate compliance with security policy
    • Monitor new threats as they evolve and adjust risk management plans and security controls as necessary
    • Assess the security of 3rd parties with whom FCTG has a requirement to share information or business processes
  • Security Management
    • Lead the design, implementation, operation, and maintenance of the information security management system for the businesses
    • Work with architecture and delivery teams to ensure projects and applications are designed and implemented in line with security policy and best practice
    • Custodian of the Information security awareness initiative and provision of training (policies, procedures, communication) to all staffs on a periodic basis
    • Liaise with business and project stakeholders as required to provide security guidance and input
  • Incident Response
    • Lead, manage and resolve IT security incidents and escalations in a timely manner
    • Ensure security learnings are recorded, and improvement strategies are tracked and delivered
    • Assist in the Technical Asia Security Operations requirements

Role Requirements

Essential Requirements

  • 5+ years of experience in information security or technical operations role
  • 2+ years managerial experience in an information security leadership role
  • BSc in Computer Science, Software Engineering or IT related degree
  • Highly developed leadership and influencing skills
  • Self-awareness and exceptional ‘EQ’ and soft skills
  • Demonstrated highly developed oral and written English communication skills, with the ability to communicate comfortably with large groups and executives, and to articulate technology visions and solutions to non-technical stakeholders
  • Ability to take the initiative, make informed and measured decisions and deliver outcomes from those decisions
  • Ability to analyse and simplify complex problems, evaluate them systematically, identify causal relationships and construct frameworks for problem solving
  • Ability to think ahead and establish an appropriate course of action taking into account the constraints imposed
  • In-depth experience with solutioning and implementation of security tools such as Log management, IPS/IDS, Anti-DDoS, SIEM, Data Leakage Prevention, Proxy, Automation & Orchestration, AV, CASB and FW.
  • Experience in design and implementation of a secure infrastructure on major Cloud platform providers and have knowledge of cloud security best practices and industry security requirements

Desirable

  • In-depth knowledge of Risk Frameworks such as ISO 31000
  • In-depth knowledge of Security frameworks such as ISO27002, PCI DSS
  • Relevant security certifications such as CISSP/CISM, CEH
  • Mandarin language proficiency preferred

This role will also require to be available for incident and emergency handling outside standard office hours.

Is this the career opportunity you have been waiting for? Apply today!

Applications close: Singapore Standard Time

Back to search results Apply now

Share this:

| More
4-layers
Already an applicant and want to update your preferences?
Change your details below.
Keen to skip the queue?
Sign up for alerts so you can be first to know when a new opportunity is posted.