Head of Cybersecurity

Location: Shenzhen, China
Department: Cybersecurity

Position Overview:
We are seeking an experienced and highly skilled Head of Cybersecurity to lead the setup and development of the local cybersecurity framework. This individual will play a pivotal role in establishing cybersecurity protocols, ensuring compliance with both local regulations and global standards, and fostering collaboration with the bank's headquarters to maintain consistent cybersecurity policies. The ideal candidate will have the ability to build a comprehensive cybersecurity infrastructure from scratch and will provide strategic direction for all aspects of cybersecurity for our operations in the region.

Key Responsibilities:

• Develop and Implement Cybersecurity Framework: Lead the creation and implementation of the bank's cybersecurity framework for the local branch, ensuring it aligns with the global policies from headquarters as well as local regulatory requirements.
• Collaborate with Global Teams: Act as the liaison between the local team and global headquarters, ensuring synchronization of cybersecurity strategies, policies, and tools.
• Risk Management: Identify, assess, and prioritize cybersecurity risks and implement measures to mitigate potential threats. Develop a cybersecurity risk management strategy that complies with both local and international regulations.
• Incident Response: Establish and manage a robust incident response plan, ensuring quick detection and resolution of cybersecurity incidents, breaches, and threats.
• Compliance and Regulatory Management: Stay updated on local and international cybersecurity regulations, ensuring the bank's operations are fully compliant with all applicable laws. Work closely with legal and compliance teams to meet any reporting and regulatory obligations.
• Vendor Management: Manage relationships with external vendors and service providers for cybersecurity tools and services, ensuring they meet the bank's security standards and policies.
• Team Leadership and Training: Build and lead the local cybersecurity team. Provide training and awareness programs to ensure that all employees understand their role in maintaining cybersecurity.
• Security Audits and Monitoring: Set up continuous monitoring systems and perform regular security audits to ensure the integrity, confidentiality, and availability of the bank’s information systems.
• Technology Integration: Collaborate with IT teams to integrate cybersecurity into all new technology projects, ensuring security by design.

Qualifications and Skills:

• Experience:
  • Minimum 8-10 years of experience in cybersecurity, with at least 3-5 years in a leadership role.Banking background.
  • Proven experience in building or scaling cybersecurity frameworks from the ground up, ideally in the financial services industry or for large enterprises.
  • Familiarity with local regulatory requirements (e.g., [Country-Specific Regulation Names]).
  • Experience in collaborating with global teams and ensuring alignment of cybersecurity strategies.
• Technical Skills:
  • In-depth knowledge of cybersecurity frameworks and standards such as ISO 27001, NIST, and CIS.
  • Strong understanding of risk management methodologies, vulnerability assessments, penetration testing, and threat modeling.
  • Expertise in incident response, security operations, and forensics.
  • Familiarity with data protection regulations (e.g., GDPR, local data privacy laws).
  • Knowledge of network security, cloud security, encryption, and other technical cybersecurity measures.
• Certifications (Preferred):
  • CISSP (Certified Information Systems Security Professional)
  • CISM (Certified Information Security Manager)
  • CISA (Certified Information Systems Auditor)
  • CRISC (Certified in Risk and Information Systems Control)
• Leadership Skills:
  • Strong leadership abilities, capable of building and mentoring a local team.
  • Excellent communication and collaboration skills, with the ability to work effectively with internal stakeholders, vendors, and regulatory authorities.