职位描述
云安全
主机安全
网络安全管理

Purpose of the Role

Data Protection Manager is accountable for ensuring data security and maintaining the Company’s enterprise cybersecurity across corporate and markets. Responsible for maintaining cybersecurity and data privacy policies, contributing to security and compliance efforts, and providing security guidance to enterprise application and infrastructure teams. And also, this role is responsible for overseeing security governance for new IT projects.




Key Job Responsibilities Specific duties include, but are not limited to:

Maintain cybersecurity and data privacy policies, ensure compliance through regular checks, risk assessments, and status reporting.
Develop and implement tailored data protection policies, procedures, and guidelines in accordance with relevant laws and regulations.
Provide guidance and best practices for personal data protection, offering advice and recommendations on the interpretation and application of data protection rules.
Organize and execute cybersecurity and data privacy awareness programs.
Assists in implementing and operating information security frameworks / standards and overseeing security governance for projects across the organization.
Collaborate closely with cross-functional teams, including legal, marketing, and business units, to ensure alignment on data protection initiatives and requirements.




*The above tasks and responsibilities are a summary of the typical functions of the job and may not be exhaustive of all possible responsibilities, tasks and duties of the role.




Requirements:

EDUCATION: Degree or Certification in Information Technology, Computer Science or related field. Certification courses: CISSP/CISA/CISM/CRISC or related certification a plus.
SPECIFIC BUSINESS KNOWLEDGE: At least 5 years of experience in cybersecurity, IT compliance, IT risk management, or data privacy. Regional IT experience is advantageous.Experience in conducting audits and assessments to monitor compliance with data protection requirements and identify areas for improvement. Proficiency in maintaining cybersecurity awareness and data privacy management programs. Experienced in data security and compliance checks, as well as using cybersecurity tools (DLP, EDR, SIEM) and working with third-party SOC service providers for incident triage and management. Played a role in enforcing IT security policies and procedures
SPECIFIC BUSINESS KNOWLEDGE: Proficient in working within a matrixed, multi-country organizational structure and managing outsourced technology partners. Deployment experience with technologies and services such as DLP, PAM, and SASE. Ability to provide management with metrics and information for accurate reporting on compliance, security, and areas of risk. Familiarity with security industry standards such as CIS, ISO, NIST, and PCI. Knowledgeable about data protection laws and regulations such as PDPO, PIPL, PDPA, and GDPR, as well as data security assessments and vendor compliance.
COMPETENCY: Problem-solving skills with a focus on creative solutions and user experience considerations. • Ability to adapt and learn new technologies and skills, with a self-learner mindset. • Focus on working together with an emphasis on end-user customer service.