Head of Technology & Security Risk
Job Description:About DentsuLed by Dentsu Group Inc. (Tokyo: 4324; ISIN: JP3551520004), a pure holding company established on January 1, 2020, the Dentsu Group encompasses two operational networks: dentsu japan network and dentsu international.Dentsu Security is responsible for the scope and delivery of information security activities that cover all dentsu international offices located across 145 countries globally.
Our Technology & Security Governance, Risk and Compliance team manages an extensive program covering technology & cyber security risk management, policies & controls, internal controls assurance, and third-party security.The Head of Technology & Security Risk will lead the Technology & Security Risk function, reporting directly to the Director for Technology & Security GRC.Key Responsibilities:Operate a technology & cyber security risk management function that ensures risks are identified, assessed, articulated, and acted upon in a proportionate manner – aligned to dentsu's enterprise risk management framework.Develop the global technology & cyber security risk strategy.Lead executive and management reporting for technology & cyber security risk.Act as a custodian for the technology & security policies and control framework, including overseeing regular reviews and driving continuous improvement.Innovate and lead change across Technology & Security Risk ensuring that both existing and future capabilities mature in line with commercial and industry standards.Own the risk and issue management module within the GRC platform.Manage key stakeholder relationships across global support functions and brands, promoting wider engagement with the Security function.Lead the Technology & Security Risk team, taking responsibility for the professional development of direct reports.Provide support to dentsu's security certification program including the Global Operations ISO 27001 management system.Candidate Profile:Experience in leading technology or cyber security risk within a global/large organisation.In-depth technology and cyber security knowledge, with a strong background in technology or cyber risk management.Thorough understanding of information security regulatory compliance.Demonstrable experience of security assessment methodologies and frameworks (ISO 27001, NIST, SOC2, PCI).Excellent stakeholder engagement and ability to drive change in a matrixed organisation.Experience of working with a high degree of autonomy, managing own and others' workload, and delivering to tight timescales.Proven ability to work in a collaborative environment.Experience in using enterprise risk management and assurance tooling.Experience in quantitative risk methodologies (desirable).Experience of ISO 27001 aligned security risk and governance programs (desirable).Security qualifications: CISSP, CISM, CISA, CRISC (desirable).Location:Kuala Lumpur - Wisma GuocolandBrand:Global TechnologyTime Type:Full timeContract Type:Permanent#J-18808-Ljbffr