Information Security will partner with Axons IT team to manage and support all-level stakeholders, ensure policies, processes, practices, and technologies are successfully implemented and maintain. Oversight performance measurement, and course correction of all information security activities. This role includes awareness activities, analytics and support internal investigation function. Overall team should ensure information security compliance align between external and internal requirements, mitigating risk commensurate with the organization's risk tolerance.
Responsibilities:
- Plan, execute, and maintain information security risk program
- Allocate adequately trained/skilled resources to implement the information security risk program and plan
- Measure and monitor cost, schedule, and performance of the program
- Establish and execute information security risk management process
- Implement, and enforce information security policies
- Ensure that controls are adequate to meet legal, regulatory, policy, standards, and security requirements through controls review exercises
- Manage relationship and interface with external parties, e.g., regulator, HR, legal, compliance, risk management, suppliers.
- Plan, develop and conduct information security awareness activities, including an enterprise-wide role-based information security awareness and training program
- Manage the employment lifecycle, including performance, knowledge, skills, capabilities, and availability of the information security risk team.
- Perform analytics in the support for enterprise risk management activities
- Perform forensic analytics in the support for hazardous risk response, including internal investigation
Qualifications:
- Minimum 6 years of experience in fields relating to of risk management, IT audit, analytics, information security and technology, and/or information technology management with large enterprise or consulting firm
- Background in IT Audit/ IT Assurance and/or developer will be advantage
- Experience with project/program management for large and multi-national enterprise
- Experience with policy development and implementation is a plus.
- Experience with awareness training and/or people coaching is a plus.
- Experience with data analytics is a plus.
Skills & Knowledge:
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ISO/IEC 20000, CIS, and NIST.
- Knowledge of regulation and standards compliance for information security domain
- Knowledge of analytics technology
- Excellent written and verbal communication skills and high level of personal integrity
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams plus financial and planning skills
- Project management or Relevant professional certification is a plus.
Benefits:
- Work From Anywhere
- Fixed Bonus
- Healthcare Allowance for employee and family member
- Flexible Working Hours
- Work From Anywhere Allowance
- Special Interest rate for home loan
