Lead the development and execution of the SCBX group's multi-year cybersecurity strategy, aligning it with business goals, risk appetite, and emerging threats. This includes defining strategic objectives, key initiatives, and resource allocation.
Provide expert guidance and oversight in the establishment and enforcement of cybersecurity policies, standards, and procedures across the SCBX group, ensuring compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory requirements (e.g., BOT, PDPA, GDPR).
Direct comprehensive security assessments and risk analyses across the SCBX group to identify vulnerabilities, assess risk exposure, and develop mitigation strategies. This includes overseeing penetration testing, vulnerability scanning, and security audits.
Serve as a trusted advisor to senior management on cybersecurity matters, providing strategic insights, risk assessments, and recommendations for enhancing the organization's security posture.
Champion a culture of security awareness across the enterprise by developing and promoting effective training programs and communication strategies.
Oversee the establishment and maintenance of Cybersecurity Operating Models and related cybersecurity processes, ensuring alignment with industry best practices and business needs.
Define, track, and report on key cybersecurity performance metrics (KPIs) and risk indicators (KRIs) to measure the effectiveness of cybersecurity strategies, risk management practices, and compliance efforts. Provide regular updates and strategic recommendations to senior management and the board of directors.
Represent SCBX at industry events and forums, contributing to thought leadership and staying abreast of emerging trends and threats.
Mentor and guide team members, fostering their professional development and contributing to the growth of the cybersecurity team.
Qualifications:
Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field preferred.
10+ years of progressive experience in security assessment, strategy development, and security advisory and consulting is required, with a proven track record of developing and implementing in large, complex organizations, preferably within the financial services industry or global consulting firms.
Advanced professional certifications such as CISSP, CISM, or equivalent are required.
Extensive experience working with regulatory frameworks and industry standards such as BOT, PDPA, GDPR, NIST, ISO 27001, and SOC2.
Deep understanding of security assessment, strategy development, and security advisory and consulting is required.
Broad understanding of various security domains, including GRC, IAM, Cloud Security, Data Security, Application Security, and Cyber Defense, with expertise in contemporary security concepts such as Zero Trust and DevSecOps.
Exceptional leadership, communication, and presentation skills, with the ability to influence and collaborate with stakeholders at all levels, including executive leadership and the board of directors.
Proven ability to think strategically, analyze complex situations, and develop innovative solutions to cybersecurity challenges.
Strong analytical, problem-solving, and decision-making skills.
Experience in leading and managing large-scale cybersecurity projects and initiatives.
Skills
Computer Science
Information Security
CISSP
Functions
Project & Product Management
Job Overview
Job Type:
Hybrid
Company
SCBX
Industry:
Banking & Finance