Our Corporate Risk Office of Charoen Pokphand Group Co., Ltd. plays an integral part in helping the group companies within Charoen Pokphand Group to achieve the entities objectives and to manage performance, optimize risk exposure in financial, operation, and minimize non-compliance and business mishap.
We're looking for an outside-the-box thinker who enjoys working as a team to help us shaping our organization's future. We work shoulder-to-shoulder with the group companies to solve real world complex business problems and to fundamentally improve and grow the business in the sustainable manner. Our team comprises of experienced professionals in process improvement, risk management, accounting, intelligence, technology, internal controls, data analytics and deep industry skills.
Responsibilities
The specific responsibilities of this role include:
- Develop and implement cyber risk management strategy as a group level that guides and informs company risk decisions (including how risk is framed, assessed, responded to, and monitored over time
- Follow strategic alignment of cyber risk management decisions with missions and business functions consistent with company goals and objectives
- Prepare cyber risk management program to develop plan that will help to decrease cyber risk factors
- Develop, establish, and implement cyber risk management policies, frameworks, guideline includes risk appetite, risk tolerance, and risk matrix for cyber risk management
- Derive the group's cyber risk management standard and implement it throughout company
- Provide oversight for cyber risk management activities carried out by company to ensure consistent and effective risk-based decisions
- Perform cyber risk evaluation, which entails comparing potential risk with company-defined criteria such as cost, environmental issues, and regulatory requirements, and evaluating the company's previous risk management
- Perform cyber risk assessment results and provide recommendation to business
- Design and create cyber risk assessment report and dashboard
- Being highly knowledgeable about the cyber security threatscape and assists teams and business units, provide consultation to all related cyber risk management
Qualifications and Skills :
- Bachelor degree in Computer Science/Engineering, Information Technology, Information Systems, Accounting Information Systems or other related fields. Master's degree is a plus
- 5 years of relevant experience in Cyber Security, IT/Cyber risk management, with minimum of 3 years in the design and implementation of IT/Cyber risk management program
- Extensive experience with the design, development, and implementation of IT/cyber risk assessment
- Knowledge in Cyber Security best practice and Risk analysis
- Working knowledge and expertise in various cybersecurity technology
- Good written and verbal communication skills with other risk management professionals to properly appreciate the company's key risks and create effective risk management solutions
- Experience working in various industries, including finance and banking. As a result, an IT/Cyber risk manager should have a thorough understanding of computer systems
- Experienced in Cyber risk assessment program is advantage
- Familiar with ISO/IEC 27000 series and frameworks such as COBIT, OSSTMM, ITIL, NIST and OWASP
