⇒ Role Summary

The ideal candidate must possess strong organization and stakeholder's management skills, a solid background in IT security, including prior experience leading regional programs, establishing governance, and overseeing operations related to vulnerability management.

⇒ Main Responsibilities

• Co-ordinate with the regional stream of the global vulnerability and compliance management project.
• Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures).
• Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders.
• Partner with & manage local stakeholders to ensure organizational and procedural efficiency.
• Oversee & support the Business IT departments' remediation activities governance.
• Assess, report and address the security risks arising from vulnerabilities & compliance deviations.
• Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field.
• Report regularly to global, regional & local stakeholders including C-level status of the project.
• Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them.
• Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures.
• Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead.
• Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level.
• Improve the efficiency of global procedures for Vulnerability & Compliance management.
• Contribute to the Bank compliance with regulatory requirements and internal policies.
• Provide guidance and support for IT infrastructure projects related to vulnerability management.
• Contribute to the control frameworks in day‐to‐day business activities, such as Control Plans, participation in Audit interview and preparation and delivery of requested evidences.
• Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities.
• Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo.
• Review and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC.

⇒ Qualifications & Experience

• Bachelor's Degree in Computer Science, Information Systems, or related field.
• More than 5 years of experience in IT security with a focus on vulnerability and compliance management.
• More than 3 years of experience in a leadership or management role.
• Proven experience on Vulnerability Management activities in Financial Institution environment.
• Technical knowledge and hands on experience with vulnerability management products.
• Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI).
• Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM,CRISC, CEH, etc.).

Technical Skills

• Deep understanding of vulnerability assessment and remediation methodologies.
• Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply).
• Proficient in infrastructure security best practices, technologies and security concepts.
• Program and project management expertise, capacity to lead hybrid project methodologies.
• Advanced skills on MS PowerPoint.
• Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.

Behavioural Skills

• Excellent interpersonal and communication skills; ability to influence and motivate.
• Strong leadership and project management skills.
• Strong teamwork and collaboration skills.
• Successful people management experience.
• Strong problem-solving and analytical skills.