Information Security Specialist

Reports to:

  • Infrastructure Manager.


  • Implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.

  • Work directly with the business units to facilitate risk assessment and risk management processes.

  • Implement and support Data Privacy framework.

  • Enforce implementation of and compliance with regional security policies.

  • Collaborate with senior management, regional security team, and corporate compliance to establish governance for the security programs.

  • Pro-active monitoring of security related policies and systems to identify and mitigate security risks.

  • Partner with business stakeholders across the company to facilitate training on minimizing threats to the IT systems and raise awareness of information security concerns.

  • Assist with the overall business technology planning by providing knowledge and recommendations on information security.

  • Support the information security scope of internal and external audits.

  • Lead and collaborate with the Information Security Management Representatives (ISMRs) for the surveillance audits and re-certifications of Information Security Management System (ISO 27001).

  • Ensure timely de-activation of user accounts for resigned staff and conduct periodic reviews of permissions for current staff.

  • Review periodically and keep security related documentation (SOPs, WI, forms, ISO, etc.) up to date.

  • Follow up and consolidate monthly ISMS report.

  • Partner with Quality Assurance team and Application Support team to conduct and maintain Computer System Validation (CSV) for local and regional IT systems.

  • Any other tasks related to information security, data privacy and compliance as assigned by the IT Infrastructure Manager.


  • Bachelor’s degree in a technology-related field required.

  • Professional security management certification is required.

  • Minimum 3-5 years of experience in risk management, information security and IT (IT Consultant and/or Compliance Lead on Information Security Management System (ISMS), Cyber Security with Internal Auditor and/or External Auditor on ISMS related certification or experience would be advantageous)

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001 (ISMS).

  • Good written and verbal communication skills and high level of personal integrity.

  • Innovative thinking and leadership with an ability to motivate cross-functional, interdisciplinary teams.

  • Good organizational and documentation skills.

  • Excellent command of both written and spoken English.

If you would like to apply for this position, please send your resume to or fill in your information on the section below.

*All applications will be treated in strict confidentiality. All material submitted in connection with your application will become part of our confidential recruitment files. We regret that only shortlisted candidates will be notified.

Job Application

© 2019 by Ultimate Talent Consulting Co., Ltd. created with

  • LinkedIn Social Icon