Regional Manager, CDI Business and Product Security GRC

Singapore - Singapore

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Location: Singapore Singapore

Thales is a global technology leader trusted by governments institutions and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space cybersecurity and digital identity were driven by a mission to build a future we can all trust.

In Singapore Thales has been a trusted partner since 1973 originally focused on aerospace activities in the Asia-Pacific region. With 2000 employees across three local sites we deliver cutting-edge solutions across aerospace (including air traffic management) defence and security and digital identity and cybersecurity sectors. Together were shaping the future by enabling customers to make pivotal decisions that safeguard communities and power progress.

Summary

The role of the Thales CDI Business and Product Security GRC Manager is responsible & accountable for Security Governance and Oversight for all Thales CDI Business Security including Operations Product and Outsourced activities (Manufacturing Personalization Software Development etc.) in APAC. This includes Physical / Logical Security Operations & Certifications compliance to ensure the deployment implementation and enforcement of security policies and practices are in accordance to Thales CDI and Regulatory Security Requirements.

Responsibilities

Reporting to the CDI Regional Security Director the role is responsible and accountable for Security Governance and Oversight of CDI Asia Business Security including Operations Product and Outsourced activities.
Act as the Tactical Process Manager bridging security personnel and organizational leaders to facilitate achievement of strategic security objectives.
Oversee business and operational security management related to but not limited to personnel physical production and IT security across various Secure Product manufacturing and personalization sites within the region (Module Card Document & ID).
Ensure information security oversight at Asia regional sites complies with organizational security requirements certifications and applicable regulations.
Provide expert advisory and guidance to sites for achieving and maintaining required accreditations and ongoing compliance with security regulations in accordance with regulatory requirements and applicable standards such as GSMA-SAS ISO 14298 ISO 27001 PCI-CP etc. (with accountability for outcomes)
Act as Regional (PoC) for Industry 4.0 initiatives for Manufacturing and Banking activities.
Conduct risk assessments and regular audits for internal and external stakeholders
Ensure that security risks and issues are appropriately identified managed and mitigated in a measurable manner following corporate policies and customer requirements.
Experience and familiarity with Cloud Security to ensure GRC and assurance for business cloud security including AWS Azure GCP Kubernetes serverless and data protection practices.
Act as domain expert and trusted advisor to provide management with inputs and recommendations to ensure proactively manage risks and protection of CDI Customer and partner information assets and data.

REQUIREMENTS

10 years of progressive experience in IT / IT Security Security Governance Risk and Compliance (GRC) ideally within high-security manufacturing data center and adjacent industries.
Audit Expertise: 3 years of experience leading external audits for GSMA-SAS PCI-CP or ISO 27001 certifications.
Certifications preferred: CISSP CISA CISM.
Operational Physical and IT Security knowledge and experience.
Knowledge in Cyber & Cloud Security
Risk Management: Expertise in conducting formal risk assessments and business impact analyses.
Security auditing experience will be added advantage
GRC tools and security dashboards (e.g. Splunk Grafana Kibana Power BI) to manage and report on security posture.
Able to travel 20-30% of time within Asia as needed.

Other Information:

Working Location: One North
Working Hours: Monday - Friday 9am - 6pm

At Thales were committed to fostering a workplace where respect trust collaboration and passion drive everything we do. Here youll feel empowered to bring your best self thrive in a supportive culture and love the work you do. Join us and be part of a team reimagining technology to create solutions that truly make a difference for a safer greener and more inclusive world.

Required Experience:

Manager

Location: Singapore SingaporeThales is a global technology leader trusted by governments institutions and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation our solutions empower critical decisions rooted in...

Location: Singapore Singapore

Summary

Responsibilities

Reporting to the CDI Regional Security Director the role is responsible and accountable for Security Governance and Oversight of CDI Asia Business Security including Operations Product and Outsourced activities.
Act as the Tactical Process Manager bridging security personnel and organizational leaders to facilitate achievement of strategic security objectives.
Oversee business and operational security management related to but not limited to personnel physical production and IT security across various Secure Product manufacturing and personalization sites within the region (Module Card Document & ID).
Ensure information security oversight at Asia regional sites complies with organizational security requirements certifications and applicable regulations.
Provide expert advisory and guidance to sites for achieving and maintaining required accreditations and ongoing compliance with security regulations in accordance with regulatory requirements and applicable standards such as GSMA-SAS ISO 14298 ISO 27001 PCI-CP etc. (with accountability for outcomes)
Act as Regional (PoC) for Industry 4.0 initiatives for Manufacturing and Banking activities.
Conduct risk assessments and regular audits for internal and external stakeholders
Ensure that security risks and issues are appropriately identified managed and mitigated in a measurable manner following corporate policies and customer requirements.
Experience and familiarity with Cloud Security to ensure GRC and assurance for business cloud security including AWS Azure GCP Kubernetes serverless and data protection practices.
Act as domain expert and trusted advisor to provide management with inputs and recommendations to ensure proactively manage risks and protection of CDI Customer and partner information assets and data.

REQUIREMENTS

10 years of progressive experience in IT / IT Security Security Governance Risk and Compliance (GRC) ideally within high-security manufacturing data center and adjacent industries.
Audit Expertise: 3 years of experience leading external audits for GSMA-SAS PCI-CP or ISO 27001 certifications.
Certifications preferred: CISSP CISA CISM.
Operational Physical and IT Security knowledge and experience.
Knowledge in Cyber & Cloud Security
Risk Management: Expertise in conducting formal risk assessments and business impact analyses.
Security auditing experience will be added advantage
GRC tools and security dashboards (e.g. Splunk Grafana Kibana Power BI) to manage and report on security posture.
Able to travel 20-30% of time within Asia as needed.

Other Information:

Working Location: One North
Working Hours: Monday - Friday 9am - 6pm

Required Experience:

Manager

Key Skills

Apply Now

About Company

Thales

In all critical environments - air, land, sea, space and cyberspace - decision-makers, operators, crews and members of our armed services and security forces are faced with millions of important decisions every day. It is in supporting these people that Thales in the United States ha ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click