Supervise, implement & monitor Sumisho's access controls and strategic information security programs that conform to both local, regulatory, and international standards and/or security best practices.
Develop / enhance Sumisho's infrastructure and data protection program by ensuring organizational compliance with regulations and requirements.
Conducts risk assessments in coordination with ISD, stakeholders, and authorized 3rd parties to identify critical assets, determine risk exposures and recommended solutions to mitigate the risks, and prepare high-level analyses for management.
Conduct continuous assessment of information security practices to identify areas for improvement.
Review input, assist, or lead remediation activities of detected information security vulnerabilities and cyber security incidents.
Spearhead various change projects in line with Sumisho's information security and data protection strategies.
Report directly to the Information Security Head on the current security posture of the organization.
Participates in the technical design study, review, and evaluation of infrastructure and automated applications, prior to and during live runs. Coordinates with external parties regarding systems and network security set-up for applications and servers.
