Information Security & Resilience Analyst APAC

at  abrdn

Job Description
Information Security & Resilience Analyst APAC
Security, Resilience & Protection (SRP) APAC
Location: Singapore

About the Role

• To support the regional SRP function in all matters relating to Information Security, Data Privacy, Operational Resilience and Third Party Risk Management working closely with regional and in country teams, as well as head office based colleagues in Security, Privacy, Resilience & Third Party risks.
• To assist in ensuring the abrdn APAC business proactively manages information security and data privacy risks in line with risk appetite, and operates in a way that complies with the requirements of the relevant regulations and legislation.
• To act as a point of contact for our business in APAC on security matters and maintain a productive working relationship between security, technology teams and the wider business.

This role reports into the Head of Technology, Security Resilience & Third Party Governance, APAC.

Roles and Responsibilities

• To support regional businesses and teams in the matters of Information Security and Data Privacy, for activity relating to project, regulatory liaison or assessment, client reporting as well as supporting ongoing business operations.
• To review, assess and interpret in country regulations and legislation in relation to Information / Cyber Security and Data Privacy, as well as wider IT Governance / IT Risk.
• Assist the oversight of the region and in countries’ risk and compliance position in relation to Information Security and Data Privacy, and report regularly on plans, key risks and issues.
• To prepare new initiatives, projects, or material business / IT changes support the preparation of security risk assessments and data privacy impact assessments.
• Support the delivery of security related education and awareness for colleagues across APAC.
• To recommend improvements in practices, processes and capabilities to ensure that abrdn APAC operates to the required standards and within risk appetite.
• Prepare regular reporting of regional Information/Cyber Security and Data Privacy status.
• To coordinate and respond in the event of security/privacy incidents.
• To support regional Operational Resilience and Business Continuity (BCP) activities.
• To support regional Third Party Risk Management and Governance activities.

Key Skills, Qualifications & Experience

• Prior Cyber Security, Information ecurity, Data Privacy, Third Party Management or Technology Risks related experience in a similar or related role is preferred.
• Recognized professional information security qualification is preferred but not essential. Ability to balance security with other factors or concerns. Understanding of business use of technology.
• Experience of working in a Financial Services, Investments or Asset Management or professional services environment is desired.
• Knowledge of control and risk management processes is required. Ability to frame decisions in terms of risk and to make risk judgements is essential. Experience in managing threats and risks in a complex environment and in particular balancing these against business requirements is desired.
• Audit knowledge or experience is preferred.
• Sound planning skills with high level of organisation and discipline to meet specific targets and objectives.
• Able to work with others in the organisation and able to build relationships and trust.
• Able to communicate effectively with others at all levels verbally and in writing and able to translate technical terms into business language.
• Strong Microsoft Office skills is required.

We value diversity in our workforce and welcome enquiries from everyone.
We’re committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment. We define diversity in its broadest sense – this includes but is not limited to our diversity of educational and professional backgrounds, experience, cognitive and neurodiversity, age, gender, gender identity, sexual orientation, disability, religion or belief and ethnicity and geographical provenance. We support a culture that values meritocracy, fairness and transparency and welcomes enquiries from everyone.
If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist

About the Role

• To support the regional SRP function in all matters relating to Information Security, Data Privacy, Operational Resilience and Third Party Risk Management working closely with regional and in country teams, as well as head office based colleagues in Security, Privacy, Resilience & Third Party risks.
• To assist in ensuring the abrdn APAC business proactively manages information security and data privacy risks in line with risk appetite, and operates in a way that complies with the requirements of the relevant regulations and legislation.
• To act as a point of contact for our business in APAC on security matters and maintain a productive working relationship between security, technology teams and the wider business

Roles and Responsibilities

• To support regional businesses and teams in the matters of Information Security and Data Privacy, for activity relating to project, regulatory liaison or assessment, client reporting as well as supporting ongoing business operations.
• To review, assess and interpret in country regulations and legislation in relation to Information / Cyber Security and Data Privacy, as well as wider IT Governance / IT Risk.
• Assist the oversight of the region and in countries’ risk and compliance position in relation to Information Security and Data Privacy, and report regularly on plans, key risks and issues.
• To prepare new initiatives, projects, or material business / IT changes support the preparation of security risk assessments and data privacy impact assessments.
• Support the delivery of security related education and awareness for colleagues across APAC.
• To recommend improvements in practices, processes and capabilities to ensure that abrdn APAC operates to the required standards and within risk appetite.
• Prepare regular reporting of regional Information/Cyber Security and Data Privacy status.
• To coordinate and respond in the event of security/privacy incidents.
• To support regional Operational Resilience and Business Continuity (BCP) activities.
• To support regional Third Party Risk Management and Governance activities