Regional Business, Cybersecurity Risk and Compliance Manager

Key Responsibilities

• Lead Business Security Governance & Oversight for Asia operations, ensuring alignment with corporate policies and regulatory standards.
• Implement and maintain site security operation processes across personnel, physical, IT, and production environments.
• Ensure ISO27001 compliance and support other certifications (e.g., PCI-CP CC/EMVCo, GSM-SAS).
• Act as Subject Matter Expert (SME) for security-related queries, risk mitigation strategies, certifications and upkeep of ongoing security & regulatory requirements
• Conduct risk assessments, audits, and support accreditation efforts across internal and outsourced activities.
• Develop and maintain the Security Management System (SMS) and ensure KPI compliance.
• Collaborate with business leaders to deploy security frameworks and controls.
• Lead investigations into security incidents and provide actionable reports.
• Monitor and advise on cloud security, including AWS, Azure, GCP, Kubernetes, serverless, and data protection practices.
• Utilize GRC tools and security dashboards (e.g., Splunk, Grafana, Kibana, Power BI) to manage and report on security posture.
• Any other special projects as specified, as and when required.
• Travel within Asia (20–30%) to support regional security operations.