about the company.
Client is fintech providing solutions that simplifies global trade.
about the job.
- Report into the CTO, work with the Head of Risk to develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Contribute to disaster recovery and business continuity plans
- Review and approve security policies, controls, and cyber incident response planning
- Manage information security and risk management awareness training programs for all approved systems users
- Manage security incidents and events to protect corporate IT assets, including IP, data and company reputation
- Provide regular reporting on the current status of the information security program to senior staff and the board of directors
- Coordinate information security and risk management projects with resources from the IT organization and business units
- Ensure continued compliance of the security programs with all applicable laws and regulations
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Conduct periodic security audits
- Responsible for the implementation and maintenance of the most current version of the CIS 20 Critical Controls
- Ensure that all cybersecurity policies and procedures are communicated to all personnel and that compliance is enforced
- Coordination of all employees, contractors, and vendors involved in IT security
- Constantly update the cybersecurity strategy to leverage new technology and threat information
- Coordinate security tool deployment and implementation
- Serve as the expert advisor to the executive team on status and risks, conduct research and provide updates on industry standards
- Operate as the CIS lead on the CIS Risk Committee
- Oversee the overall security architecture, strategy, and necessary budget
- 15+ years’ experience in IT, Cloud, Security as well as large distributed platforms. Background of SaaS / system development (i.e. SAP, Oracle, etc.) would be advantageous.
- Advance degree in Computer Science, IT Security or related field
- Expert in Cloud technologies and cyber security
- Expert in cryptography
- Experience with white hat hacking.
- Expert in intrusion detection
- Technical knowledge of different types of cloud systems, networking, applications micro services frameworks, PUB/sub frameworks, event driven architecture and operating systems
- Regulatory compliance knowledge, including GDPR, HIPAA, SOX, PCI, NIST, FISMA and GLBA
- Understanding of International, Federal, State and Local laws concerning data acquisition, protection and transmission
- Quantitative Risk Assessment experience
- Strong leadership and people management abilities
- Strong attention to detail
- Excellent interpersonal skills and professional demeanor
- Excellent verbal and written communication skills in English
- Excellent customer service and presentation skills
If you're interested in this opportunity, apply now to secure your application. For further information, feel free to reach Eddie Wang at firstname.lastname@example.org or WhatsApp 62907292 for a confidential chat on this role or other opportunities....