IT Security Leader, Asia

Flight Centre Travel Group
Industry : Travel Agent or Tour Operator
Sector : Travel Agent (Retail/Leisure)
Function : Information & Technology
Type : Full time

Job Description

Flight Centre Travel Group is looking for a forward looking and dynamic leader to provide direction for the security technologies and capabilities within the Asia businesses within the organisation and drive the regional security practice. Reporting to the CTO, Asia, the IT Security Leader, Asia,  will have a strong understanding of security and privacy principles, and a sound understanding of the regulatory environment affecting the business.
The IT Security Leader, Asia will need to have a solid understanding of the business drivers affecting security within the company as well as providing up to date security expertise across the region. The IT Security Leader will lead the design, implementation, operation, and maintenance of the information security management system within the company.

Key Responsibilities
Security Risk Management
Work with IT Director, CTO, CISO and Risk to identify risk exposure and manage the security risk to the organisation within the risk appetite
Review and evaluate new security technologies and practices for introduction into the organisation to reduce risk
Implement a systematic and structured process for the identification and management of security risks

Security Governance
Review, maintain, and disseminate security policies in line with FCTG’s risk appetite, security strategy, relevant laws and security standards, and best practice
Implement, monitor and review security controls in accordance with the organisation’s security policy and business drivers
Lead the implementation and management of an internal and external audit and security testing program to validate compliance with security policy
Monitor new threats as they evolve and adjust risk management plans and security controls as necessary
Assess the security of 3rd parties with whom FCTG has a requirement to share information or business processes

Security Management
Lead the design, implementation, operation, and maintenance of the information security management system for the businesses
Work with architecture and delivery teams to ensure projects and applications are designed and implemented in line with security policy and best practice
Custodian of the Information security awareness initiative and provision of training (policies, procedures, communication) to all staffs on a periodic basis
Liaise with business and project stakeholders as required to provide security guidance and input

Incident Response
Lead, manage and resolve IT security incidents and escalations in a timely manner
Ensure security learnings are recorded, and improvement strategies are tracked and delivered
Assist in the Technical Asia Security Operations requirements

Role Requirements
Essential Requirements
4+ years of experience in information security or technical operations role
2+ years in an information security leadership role
Self-awareness and exceptional ‘EQ’ and soft skills
Demonstrated highly developed oral and written English communication skills, with the ability to communicate comfortably with large groups and executives, and to articulate technology visions and solutions to non-technical stakeholders
Ability to take the initiative, make informed and measured decisions and deliver outcomes from those decisions
Ability to analyse and simplify complex problems, evaluate them systematically, identify causal relationships and construct frameworks for problem solving
Ability to think ahead and establish an appropriate course of action taking into account the constraints imposed
In-depth experience in incident investigation and forensics
Experience with solutioning and implementation of security tools such as Log management, IPS/IDS, Anti-DDoS, SIEM, Data Leakage Prevention, Proxy, Automation & Orchestration, AV, CASB and FW.
Experience in design and implementation of a secure infrastructure on major Cloud platform providers and have knowledge of cloud security best practices and industry security requirements
In-depth knowledge of Security frameworks such as ISO27002, PCI DSS
Relevant security certifications such as CISSP/CISM, CEH
This role will also require to be available for incident and emergency handling outside standard office hours.
Is this the career opportunity you have been waiting for? Apply today!

Read Full Job Description
Subscribe to our newsletter
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
You can unsubscribe at any time