Security Manager I - Digital Risk
108677
- Gurugram
You will shape and support the development of the AsiaX Digital Risk agenda—encompassing cybersecurity, digital resilience, Responsible AI (RAI), and Data Risk—by translating global strategy into effective, region-specific implementations.
You will establish robust reporting frameworks to measure program efficiency and lead regional compliance for data protection and AI security, closely monitoring regulatory changes to drive prioritized remediations and ensure continuous audit readiness for key certifications like ISO/IEC 27001 and SOC 2 Type 2. Acting as a trusted regional advisor, you will provide pragmatic guidance to internal stakeholders, articulate security trade-offs in business-relevant language, and expertly manage client security audits and escalations.
Additionally, you will drive our digital resilience by implementing comprehensive BCP/DR strategies and running recovery exercises, while simultaneously co-developing and operationalizing RAI controls utilizing your hands-on experience with AI tools. Partnering closely with product and IT teams, you will drive a secure Software Development Life Cycle (SDLC), perform rigorous product security reviews, manage vendor penetration testing, and design vital security guardrails across cloud, IAM, APIs, and data. Finally, you will oversee third-party vendor risk management for the region and establish key performance metrics to track vulnerability remediation, vendor coverage, and overall incident response success.
You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.
In return for your drive, determination, and curiosity, we’ll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference.
When you join us, you will have:
- Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey.
- A voice that matters: From day one, we value your ideas and contributions. You’ll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes.
- Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm’s diversity fuels creativity and helps us come up with the best solutions. Plus, you’ll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences.
- Exceptional benefits: On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family.
- Bachelor’s degree is required (master’s degree is preferred) in IT/computer science, cyber security, or equivalent experience
- 7+ years of cybersecurity or digital resilience experience, with exposure to regional or multi-country environments. (Singapore, IND, Japan, Aus, Korea)
- Hands-on experience in cyber/data security regulatory compliance, especially in Japan, Korea, Australia, India, or Singapore
- Hands-on experience on digital resilience, such as disaster recover testing, business continuity plan development
- Working knowledge of common information security controls, guidelines and standards, such as ISO27001, NIST CSF 2.0
- Strong working knowledge across multiple core security domains such as network security, API security, cloud security, Identity and Access management, and data security
- Experience with security technologies and tooling, e.g. vulnerability scanners, firewalls, privilege access management solution, SIEM etc