AI-generated summary
beta
This job is an Information Security Manager for the APAC region at Chubb. You might like this job because you'll lead cybersecurity efforts, shape security culture, and ensure businesses safely thrive across multiple countries.
Undisclosed
Malaysia, Kuala Lumpur
Job Description
Purpose
Are you interested in spearheading cybersecurity excellence in a growth and diverse region? Chubb is seeking a seasoned Information Security Manager to lead our information security initiatives across multiple countries in the APAC region. This is a unique opportunity to make a significant impact by shaping the regional security culture and enabling business to thrive securely.
As Information Security Manager, you will be responsible for safeguarding Chubb’s operations by leading the countries cybersecurity mandate, fostering a strong security culture, and ensuring compliance with security standards. This role covers a portfolio of multiple country business and requires strong relationship management and influencing skill, as well as in-depth security knowledge and understanding of the regional cyber regulatory landscape.
The incumbent will be a senior member of the APAC RISO Information Security team, part of Global Information Security (GIS).
Ability to drive and support the GIS agenda consistently across a growing, highly complex geography and diverse working culture is critical success criteria for the role.
Strategy and Program Leadership
Lead the Information security program across assigned countries
Ensure implementation of CISO priorities owned by business CIOs & delivery teams, acting as escalation point
Embed security into business requirements
Provide transparency & insights to the GIS leadership on program deployment and security strategy requirements
Security Governance
Chair monthly meetings to review the GIS program status, risk exposure, and support CIO & COO to drive risk mitigation plan
Represent GIS in quarterly business reviews, enterprise risk management committees and country board meetings
Review risk and performance indicators, CIO scorecards and act as escalation point to drive the risk to appetite
Transformation & Integration, M&A
Lead security planning and resourcing to scale and support business growth
Provide leadership and security expertise to Business executive on integration programs and M&A activities
Issue and Exception Management
Review and challenge control deviations, perform risk assessments and provide remediation recommendations
Ensure new issues and exceptions align with the GIS Cyber Governance framework
Review and challenge issue remedial plans, engage owners for risk-based remediation and escalate overdue issues for rectification
Security Risk assessment
Ensure new technology initiatives and changes are built with security by design in collaboration with security architecture and technical security teams
Provide security advisory support to assist business and technology comply with GIS security policies and standards
Identify thematic and systematic security risks in business process, application and infrastructure
Perform risk assessment and provide recommendation for mitigation
Liaise with business and technology leadership to drive the remedial plan
Provide update to GIS management for the remedial plan and progress
Stakeholder Management
Maintain effective relationships with senior business leaders and partners (CIO, COO, CRO, President, Business executives)
Influence executives to support cyber security risk management improvements
Raise awareness of Cyber threats, ensuring adequate coverage for business’ information security program
Regulatory, audit and client engagement
Identify cyber and information security requirements applicable to the Business in partnership with Legal & Compliance function
Perform gap assessment against new cyber regulations. Engage GIS domain SME as appropriate to define action plans
Lead audit, client and regulatory cyber engagements
Incident Response
Oversee, support and report on business security incidents in collaboration with Global SOC, the Privacy function, and the regional executive teams.
Job Requirements
Qualifications
Bachelor’s degree in computer science, Information Systems, or a related field (preferred).
Professional certifications such as CISSP, CISM, or equivalent (preferred).
Familiarity with the insurance industry (preferred)
Extensive experience (10+ years) in information security, with expertise in implementing and leading security programs across geographic portfolios.
Strong knowledge of industry standards and frameworks (e.g., ISO 27001, NIST CSF, ISF SoGP).
Proven ability to influence senior stakeholders and align country, regional, and global security requirements.
A self-starter with strong interpersonal skills and the ability to work independently and in a matrixed format.
Strong verbal and written communication and presentation skills, including providing technical information effectively with non-technical audiences.
Experience with APAC regulatory compliance requirements related to information and cybersecurity, including familiarity with regional frameworks, standards, and regulations
Technical expertise in application security, infrastructure security, and vulnerability management.
Company Benefits
Professional career growth
Chubb makes substantial investments in its people so they have opportunities to grow professionally.
Chubb associate program
Get connected with the training, development, mentoring and experiences you’ll need to grow at our company!
Mobility
Employees are exposed to a variety of markets and ongoing opportunities to learn, network, progress and succeed.
Additional Info
Company Activity
Last active - few days ago
Experience Level
0 - 10 Years of Experience
Company Profile
