Security Governance Program Manager - Gogoro |Meet.jobs

薪資

800k - 1.4m TWD Annually

技能需求

    工作機會描述

    Position impact:

    As Gogoro Security Governance Program Manager demonstrates a broad base of information governance policies, procedures, standards and guidelines to help address strategic business questions and issues. The position must understand the information security head’s strategy. To build strategies and drive execution of critical initiatives that ensure we correctly and consistently identify risks in new initiatives, and maintain compliance with relevant regulatory requirements.

     

    Role and Responsibilities:

    • Establish and maintain up-to-date, easy-to-understand, referenceable, and usable Information Security and Privacy policies and plans that comply with our applicable frameworks and regulations (e.g.,ISO 27001). Establish and maintain an inventory of all procedures that support these policies and plans.
    • Create valuable, digestible, and memorable training opportunities on these policies for the organization and any roles specific to these policies. Ensure all employees are up-to-date on their annual training requirements for security / privacy / compliance.
    • Creates short and long term privacy compliance strategies in coordination with the Information Security Head and develops and builds strategic relationships with partners and business units to collaborate on integrating privacy by design practices into business processes.
    • Research, define and articulate key elements of an effective information governance program. 
    • Security Governance advisory – providing risk advisory, performing current state assessments, gap analysis, strategies and consulting to improve the security posture through necessary controls to comply with regulatory mandates and Information Security Standard.

     

     

    Qualification

    • 7 years progressive experience in IT Security field.
    • Familiarity with industry compliance and security standards and frameworks including one or more of: ISO 27001, GDPR.
    • Hands-on experience working with generally accepted IT audit standards and practices, IT security and control practices, and risk management concepts; this includes experience with reviewing the effectiveness of controls over key cyber risks, identifying significant exposures, and evaluating control effectiveness
    • In-depth knowledge of cybersecurity and information technology systems terminology, concepts, and practices
    • Strong program/project management experience
    • High level of personal integrity, with the ability to professionally handle confidential matters
    • Professional certification such as CISSP, CISA, CISM, ISO27001 LA are preferred.

    Gogoro

    We're Gogoro.

    此企業的其他工作機會