Talent.com
你所在的国家不提供此工作机会。
Senior Manager, Group Information Security

Senior Manager, Group Information Security

FWD Life Insurance CorporationTaikoo Shing, Hong Kong
23 天前
职位描述

About FWD Group

FWD Group is a pan-Asian life and health insurance business that serves approximately 30 million customers across 10 markets, including BRI Life in Indonesia. FWD’s customer-led and digitally enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience. Established in 2013, the company operates in some of the fastest-growing insurance markets in the world with a vision of changing the way people feel about insurance.

For more information, please visit

PURPOSE

  • Lead and Drive FWD Data Protection Program (“DPP”) for FWD Group and all Business Units (10 Business Units).
  • Define and partner with stakeholders in a multi-disciplined team structure, designing and implementing DPP security solutions to provide coverage across a variety of projects
  • Lead stakeholders’ and vendors engagements and providing subject matter expertise to all Business Units across all Markets of FWD.
  • Drive change and define enhancement to the DPP Target Operating Model, heavily affecting the influence on vendor to improve the solutions.
  • Constantly kept abreast of key regulatory requirements and data protection laws, including emerging threats internally and externally.

KEY ACCOUNTABILITIES

  • Define and execute Data Protection Roadmap, including use of Artificial Intelligence (AI).
  • Support the Head of Group Information Security Engineering and Group CISO in defining and maintaining the DLP Engineering framework for FWD Group.
  • Drive awareness and support to Group Information Security, Group IT and Business Units IT, to understand the DLP Security Solutions and Processes, as well as their implications across the organization.
  • Drive DLP Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.
  • Develop deep working relationships with senior executives across engagement teams.
  • Responsible for executing large-scale project deliveries
  • Manage teams and mentor junior resources.
  • Act as a subject matter expert in DPP and provide Level 4 support, reducing dependencies from external vendor support.
  • Oversee infrastructure and microservices security architecture (inclusive of : container security architecture, data security architecture, network security architecture and operational security architecture).
  • Review the infrastructure & microservices design against different security regulatory, industry and internal standards such as PCI DSS and CSA Containers' security guidelines and identifying the necessary security architecture requirements for the same.
  • Review the infrastructure & microservices network and data architecture and identifying the necessary security architecture requirements for the same.
  • Ensure that final design addresses identified threats and countermeasures during threat modelling
  • Build knowledge capital through research and development and leveraging industry insights to deliver best of breed expertise to stakeholders.
  • Lead the growth of cloud security practice across business units, project team and other stakeholders
  • Drive DLP Information Security Engineering Initiatives and Projects definition and implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.
  • Continuously improve the Data Protection Program to adapt the changing threat landscape.

    • QUALIFICATIONS / EXPERIENCE

  • Minimum of 12 years’ experience in project management, data privacy and protection, and security risk management.
  • Extensive knowledge of technical Data Protection solutions and mechanisms (data discovery, data leakage controls, data tagging, data rights management, encryption, tokenization, masking, hashing, etc.)
  • Experience in the insurance industry is an advantage.
  • Ability to act as a data protection role model within the organization.
  • Ability to summarize complex and technical.

    • KNOWLEDGE & TECHNICAL SKILLS

  • Certification in CISSP, CDPSE or equivalent
  • Good communication and presentation skills
  • Express issues succinctly to senior stakeholders and to be flexible and pragmatic with advice
  • Self-driven, autonomous, and result-oriented
  • Exceptional interpersonal, analytical and presentation skills
  • A team player and ability to lead managers, consultants and security analysts in your team.
    • 为此搜索创建职位提醒

    Senior Manager • Taikoo Shing, Hong Kong