Information Security Manager
Detail posisi
UNIQLO (Thailand) Co., Ltd. is seeking an Information Security Manager to play a key role in Corporate Security, focusing on governance, compliance, risk assessment, and awareness in local ISO, while also supporting regional ISO efforts across several countries.
Kewajiban
• Handling Information Security Management, address the information security threats and incidents and drive remediation.
• In conjunction with the Legal team Identify information management and protection laws and regulations and implement actions to ensure compliance with relevant information management and protection laws.
• Identify, track and oversee internal and external compliance and regulatory requirements (PCI, Data Privacy, etc.) for the organization including compliance with established policies, procedures, standards, baselines and controls.
• Maintain an information management and protection framework for an effective company-wide governance programme.
• Manage information security awareness programs and provide training to all staff on a basis.
• Manage day-to-day security activities, including conducting vendor security assessment, privacy security assessment, implementing company policies, and communication related to the information security programme.
• Manage and Support the Information Security requirements across different BUs.
• Support other local ISO members in different regions as a regional ISO team member.
Kualifikasi
• Bachelor's Degree and above in Information Technology, Security, Computer Science, or equivalent major.
• Business level communication in Thai and English (IELTS 6.5+, TOEIC 800 or Equivalent Certification is Preferred).
• Having minimum 8 - 12 years of experience in Information security governance, Risk and Compliance.
• Strong knowledge and Experience in information risk assessment and compliance needs.
• Strong knowledge and Experience in information security frameworks.
• Strong knowledge and Experience in applicable laws, regulations, and standards relating to security and data privacy.
• Good understanding of information security governance frameworks such as ISO27001 (and ISO27701 framework, etc.).
• Understanding and ability of risk analysis for cyber threats. (Preferred).
• Other technical and/or security certifications preferred. (e.g. CISA, CISM, CISSP, SANS, GIAC, etc.) (Preferred).
• Highly motivated and strong sense of responsibility and ownership.
• Ability to multitask, prioritize work effectively and manage tasks/projects to completion.
• Ability to work independently and within a team environment.
• Ability to make Business Process Analysis.
• Preference for candidates with multinational work experience.
• Regional travel is required.