IT Security Manager - Governance, Risk and Compliance , Lotus's

I balance exceptional delivery for customers on what matters, engaging teams and colleagues, with the needs of the business. I am an expert and often the first layer of management of people or projects.

Responsibilities

• Understand and interpret requirements across relevant IT Risk frameworks, map overlapping Technology policies and standards.
• Conduct Technology Risk Management, Help secure workflows, products, and operations across the company (Thailand & Malaysia) by identifying risk areas, providing recommendations on security compliance and IT governance best practices and authoring respective policies and procedures around security, data governance, and risk.
• Design, configure, and operate core security technologies, including Antivirus / EDR, Data Loss Prevention (DLP), and Vulnerability Assessment (VA) scanning tools, ensuring effective coverage and risk-based configuration.
• Oversee and coordinate the Vulnerability and Penetration Management Program, including risk prioritization, remediation tracking, and recommendation of appropriate mitigation solutions.
• Build & coordinate security awareness & training program for Thailand & Malaysia.
• Coordinate with internal audit, external audit and IT team to provide the information as audit request and update the current status of audit next step to IT management.
• Coordinate with Risk management in performing activities related to IT security, IT risk and compliance.
• Drive continuous process/services improvement to all security functions utilizing KPIs, KRIs and metrics.
• Be the point of contact (for Malaysia) to ensure that Security requirements and control are met with Policies & Standards as well as Security Operation & Monitoring.
• Other related duties as assigned.

Requirements

• 5+ years working in IT filed with a focus on information security or IT audit.
• Knowledge of ISO27001, PCIDSS and IT security control
• Exceptional communication, problem solving and cross-group collaboration skills
• Good command of written and spoken English
• Ability to present ideas in business-friendly and user-friendly language
• Ability to prioritize, track and manage a large number of divergent tasks and action items
• Ability to influence in a team-oriented, collaborative environment

Operational Skills Relevant for This Job

• Strong ability to analyze user requirements, make recommendations and implement solution
• Strong oral and written communication skills
• Strong presentation and interpersonal skills
• Ability to prioritize and execute in high-pressured environment
• Understanding of information security principles and best practice (e.g., ISO27001, PCIDSS, OWASP and GDPR/PDPA)
• Ability to present security topics to a non- technical audience and presenting the business value of security
• Good interpersonal skills with the ability to build and influence teams; and self-motivated

Benefits

Health Insurance – At Lotus's, we care about your health! Group insurance from a top insurance company is included in your benefits—OPD, IPD, Emergency OPD

Provident Fund – Lotus's cares about your long-term plan! We offer 3% provident fund.

Year-end bonus – We include variable and performance bonus for our employees.

Attractive Vacations days – Enjoy our attractive annual leave. Let’s say the minimum is 16 days!

No overtime – We work 5 days a week with. We set our own goals and deadlines.

Free car parking space – No more stress or extra cost if you drive to work. We offer free parking space for our employees.

Best Culture

• Clear focus.
• Diverse Workplace (Our members are from around the world!)
• Non-hierarchical and agile environment
• Growth opportunity and career path