Regional Security Officer - leading supplier for Semi-Conductor
Regional role with strong exposure in Greater China
Excellent salary package and career development opportunity
About Our Client
ASML is an innovation leader and the largest supplier in the world of photolithography systems for the semiconductor industry.
- The RSO will represent the region in all global Security initiatives to help shape a truly global Security Risk process that will work within the region as well as in main office.
- Provides seamless coordination between the region, COMPANY X sectors and COMPANY X Sector Security Risk Managers on security matters:
- Support Pan-COMPANY X security risks addressed by central programs (in IT, R&D, Supplier Mgt, Ops) with local execution.
- RSO executes local programs addressing Country risks, using the centrally set policy. The center may support in terms of means and methods, leveraging expertise into the region.
- Drives the management of Country security risks concerning the Confidentiality, Integrity and Availability to agreed levels
- Ensures compliance with internal security policies and external industry standards, legal obligations, industry regulations and customer requirements ¡V in relation to security
- The RSO shall be accountable for the: In-region people, processes, networks, systems, websites and products are compliant with the COMPANY X processes and Security Polices.
- Compliance to the Informational and Physical Security Policies are enforced across all key sites in the region.
- The Security Strategy is adequately addressed, with status reports and metrics as per the Security Control Dashboard. A pan-COMPANY X security awareness culture is implemented through the Knowledge Protection Champion Network.
- The RSO ensures Country buildings comply with COMPANY X Physical Security Standard and requirements as first line of defense for protecting COMPANY X people, IP and assets.
- Be the lead on Information Security issues across the China region, assessing and mitigating risks thereby ensuring that COMPANY X fulfils its Corporate and Social responsibility to provide a secure environment.
- Execute the COMPANY X Security strategy in the region to meet business needs and corporate requirements providing professional advice on Information Security risk management.
- Ensure that COMPANY X Security policies, procedures and guidelines are applied consistently and in accordance with in-country legislation, mitigating liabilities in close collaboration with local Legal personnel.
- Maintain a security management framework to protect Information assets and information within the region.
- Build excellent working relationships with COMPANY X people and partners championing security risk management across the country/region.
- Perform risk assessments when required and provide COMPANY X Security risk related input to the COMPANY X Country Risk Register
- To ensure Information Security investigations are coordinated and remedial action plans put in place following security breaches and failures, identified through audits/crime reports and other sources within the country/region
The Successful Applicant
- Over 10 years Information Security experience.
- Minimum of 5 years Management experience leading diverse teams
- Able to engage Senior Leadership to translate Information Security Risk into actionable Business concepts
- Ability to build strong, trusting relationships with customers, suppliers, technical and non-technical user base;
- Extensive experience in planning innovative strategic security improvement programs
- Independent Achiever working in remote conditions and time zones
- Able to influence geographic separated peers
- Excellent leadership, influencing and interpersonal skills
- Solid project management experience
- Able to summarize and communicate technical data to a non-technical audience
- Sound understanding of security technologies, techniques and best practices
- Ability to build strong, trusting relationships with customers and suppliers;
- Excellent analytical skills * Excellent verbal and written communication skills
- Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision Certifications and/or Membership
- Master degree in Information Science/Security or equivalent experience
- Valid industry certifications such as the Certified Information Systems Security Professional (CISSP), CISM, CRSK, CCSP, etc.
- Experience multiple frameworks (ISO 27001, NIST, CIS20)
- Some travel will be required
What's on Offer
- Strong exposure and great career opportunity within the group in the region
- Key role who will drive initiatives and development the function
- Excellent employment branding