Business Information Security Officer (BISO) JapanSingaporeKorea

Company:

Boeing Enterprise Security (BES) is on the lookout for a highly motivated East Asia region Business Information Security Officer (BISO) to join the Global Cybersecurity team.

The Global Cybersecurity program is dedicated to the assurance of cybersecurity regulatory framework compliance in-region security GRC advice and oversight and strategic cybersecurity solutions to enable global business operations.

The BISO will serve as the primary point of contact between the BES organizational functions and Boeing entities business programs and other stakeholders across the East Asia region. The BISO is the regions trusted cybersecurity partner and is responsible for maintaining strategic relationships with various organizational leaders/stakeholders from IT Legal and Security departments.

We are looking to have this person based either in Boeing Tokyo office Boeing Seoul office or Boeing Singapore office.

Type of contract in each region:

• Japan and Singapore will be hired as open ended.
• Korea will be hired on a 2 year-fixed term contract with possibility to convert to an open-ended contract subject to business conditions and individual performance.

Primary Responsibilities:

Facilitate the authority to operate (ATO) in a region

• Manage regulatory compliance and assurance activities (e.g. audits assessments attestations)
• Registration with East Asia regulatory authorities as an appointment Cybersecurity Focal/officer as needed
• Serve as a conduit between Enterprise Security Leaders/SMEs Cyber Legal Counsel regional partners and stakeholders

Champion Governance Risk and Compliance (GRC) responsibilities in East Asia region

• Assess cybersecurity risk and overall health that may impact business operations in the region
• Ensure regional compliance and alignment with Boeing Enterprise Security policy
• Identify/safeguard regional IT assets ensure effective governance minimum defensive controls and IT Preparedness Plans

Provide cybersecurity advisory project support and promote cybersecurity awareness

• Serve as the regional point person for cybersecurity requests and inquiries from internal / external customers
• Provide expert cybersecurity advisory to enable regional business initiatives and imperatives
• Promote awareness of BES directives cybersecurity policies and security best practices
• Partner with regional stakeholders to deliver comprehensive security planning and solutions

Basic Qualifications (Required Skills & Experience):

Having Strategic Business Acumen:

• An expert translator with the ability to convert complex technical security concepts into clear concise business language for non-technical stakeholders executives and regional Boards.
• Strong influencer leadership skills to gain buy-in from business leaders and partners without having direct authority over them
• An ability to act as a business enabler that can align Enterprise security initiatives to regional business objectives and imperatives.

Technical Expertise & Security Foundation:

• A technical fluency and strong understanding of the entire security domain (network/cloud data protection application identity/access management vulnerability incident response).
• In-depth knowledge of the security regulatory landscape across East Asia (China MLPS 2.0 various AI Laws/Acts PDP Acts) and familiarity with other global regulatory standards (ISO/IEC 27000 NIST SP 800-171 CSF)
• Proven ability to lead/conduct IT security risk assessments support internal security audits and prepare for regulatory assessments

Leadership & Cultural Fit:

• Ability to operate within a large complex global multicultural environment.
• Proactive innovative observant detail-oriented and tolerant of ambiguity with the flexibility to thrive in a dynamic environment
• Operates with a sense of urgency while maintaining a high standard of quality delivery.
• Professional collaborative respectful with a strong sense of accountability ethics and business integrity.

Preferred Qualifications (Desired Skills/Experience):

• 10 years IT/Security related work experience ideally with 5 years in a management/leadership role
• CISSP CISM CISA Security or other cybersecurity certifications
• 5 years presenting complex security risks strategies and concepts in business terms to executive leadership
• 5 years leading or conducting IT/cybersecurity risk assessment
• 5 years of experience with East Asiasecurity regulatory assessments and pertinent compliance activities
• 5 years proven experience working in a Security GRC related role
• Strong executive presence and business acumen excellent written and oral communication skills and the ability to translate technically complex issues into simple easy to understand concepts
• Experience working in an IT/Security role across multiple East Asia / APAC countries
• Multi-lingual with strong verbal comprehension and written English competence.

Typical Education & Experience:

• Advanced degree (e.g.. Bachelor Master etc.) preferred but not required.

Relocation:

Relocation assistance is NOT a negotiable benefit for this position. Candidate must live in the immediate area or relocate at their own expense.

Employer is NOT willing to sponsor applicants for employment visa status.

Other Job-related Information:

This requisition is for a locally hired position. Benefits and pay are determined at the local level and not on Boeing US-based payroll.

Other details will be communicated at the interview or in the selection process.

• Prepared to travel (Commitment up to 25%)
• Based near a Boeing Global business office
• Within easy travel access to an international airport hub
• Able to accommodate hybrid working (1-2 days a week onsite to meet with business leaders and IT/Law partners)

Language Requirements:

Education:

Relocation:

Security Clearance:

Visa Sponsorship:

Contingent Upon Award Program

Shift: