IT Security Leader

Take a step forward and let Edenred surprise you.

Every day we deliver innovative solutions to improve the life of millions of people connecting employees companies and merchants all around the world.

We know there are hundred ways for you to grow. With us you will expand your skills in a multicultural challenging and dynamic environment.

Dare to join Edenred and get ready to thrive in a globalcompany that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are and you contribute. Indeed the Edenred Group recognizes recruits and develops all talents and singularities.

We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression disability origin religious belief and sexual orientation or any other criteria.

Edenred Taiwan as part of complementary solutions business line began investing in and building a digital e-ticket network in Taiwan in 2010. Under the Instant Voucher brand it integrates with major department stores high-volume restaurant chains and numerous enterprise platforms and e-commerce channels. Over the years the company has focused on the development of e-tickets accumulating numerous invention patents and issuing over 250 million e-tickets to date.

The Global IT Security Department at Edenred defines and leads cybersecurity strategy and programs via an international cybersecurity unit. It is also responsible for ensuring that the policy is properly implemented and applied by defining and deploying a reference framework preventive and corrective security measures an organizational structure and technical solutions for crisis management and regular security checks in all of the Groups host countries.

• YOUR ROLE

The IT Security Leader will be responsible for IT Security & Resiliency of Edenred Taiwan. This position reports to the business line CISO (direct report in Paris) and Edenred Taiwan CTO (dotted line).

He/she will work with local teams in Taiwan and APAC region collaborate and be supported by Group teams based primarily in Paris and Bucharest which provide expertise processes and solutions for all cybersecurity domains.

Key Responsibilities

He/she will:

• Steer local cybersecurity governance (KPIs/KRIs programs committees roadmap budget)
• Manage and coordinate local ISO 27001 certification efforts to ensure successful renewal
• Partner with product/engineering teams to identify assess prioritize and mitigate security risks
• Do threat modelling and security reviews early in the design process of products/platforms
• Work with and train development teams to integrate security best practices into SDLC
• Contribute to security audit alert and incident response related to products and platforms
• Orchestrate IT security controls execution (e.g. scans) and ensure findings remediation
• Stay up to date with the latest security trends vulnerabilities and mitigation techniques

He/she will also bring a 1st level of support to other(s) BU(s) in APAC region collaborating with cybersecurity peers when needed to ensure continuous support to operations.

Qualifications

The successful candidate will be an information security professional motivated by business understanding and strong interest in product security with a proven and successful experience in implementing security by design in strategic projects in conjunction with business and IT leaders.

He/she has a 5 years experience in a similar function or in application/product security roles. He/she is graduated from bachelors degree in information technologies IT security or similar.

Key qualifications:

• Excellent communication with ability to convey complex security concepts to all
• Adaptation to the audience and anticipation of issues preparing for possible resistance
• Strong analytical and problem-solving abilities and attention to detail
• Proactive and solution-driven with advanced organizational skills
• Capacity to pick the right battles and increase efficiency through automation
• Team spirit and agility working closely with various experts to achieve shared objectives

Technical skills:

• Robust technical skills for in-depth understanding of any technical aspect needed
• Strong knowledge of secure coding practices design patterns and common vulnerabilities
• Experience in performing threat modelling architecture/design and security assessments
• Proficiency in leading cybersecurity governance and committees

The candidate will be result-oriented with a can-do attitude capable of persuading and influencing others in the organization to recognize that security is paramount and not an option.

Languages required: fluent in oral and written English and Chinese (Mandarin)

Nice to have-

• Experience with payment security and fraud prevention
• Experience with ISO 27001 certified environments (re-)certification maintenance/process
• Experience in matrix and international IT organizations
• Experience with cloud-native security (Azure AWS GCP)
• Relevant certifications: ISO 27005 Risk Manager ISO 27001 Implementor CISSP CEH

Apply now and Vibe with Us!