Information Security Risk Lead

Citi

Location:
Thailand, Bangkok

Contract Type:
Employment contract

Salary:

Not provided

Job Description:

The Information Security Risk Lead is responsible for driving efforts to support governance, risk and compliance for CISO at Citi. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's cyber and information security policy and country regulatory related requirements.

Job Responsibility:

  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Engagement with local regulators BOT, SEC, TB-CERT, Thai-CERT, MDES, NCSA, etc. on IS related matters
  • Manage regulatory exams and internal & external audits
  • Work closely with Global & Regional Information Security teams to improve processes and reduce risk, and support the IS regulatory related activities for Thailand
  • Manage internal/external resources to organize cyber-attack simulation exercises, coordinating and overseeing vulnerability mitigation/remediation/corrective action plans and the issues management process
  • Accountable for delivery of the associated remediation from regulatory assessments
  • Proficiency in preparing periodic updates / reports / presentation deck for both internal stakeholders and regulators
  • Provide timely and appropriate updates to regional and global stakeholders
  • Escalate issues in a timely manner to senior management
  • Build and develop partnerships with business, IT, risk, compliance, IS, senior management staff and stakeholders
  • Facilitate and lead cross-functional meetings, assist in developing analytics and reporting to track effectiveness of process and identify potential process improvements
  • Act as IS/Cybersecurity SME to senior stakeholders and/or other team members
  • Engagement across global & regional teams is required, including working across time zones, especially the NAM time zone

Requirements:

  • Master’s/Bachelor’s/University degree or equivalent experience in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline is preferred
  • One or more industry-recognized cybersecurity-related certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
  • 6 - 10 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management / Third-party Risk Management or IT Audit, preferably with experience gained from banking / finance services industry / consultancy / control compliance or legal disciplines
  • Experience in assessing cyber regulatory compliance from BOT, SEC etc.
  • Strong understanding of international standards/frameworks such as NIST, ISO 27001 series, COBIT, CIS, GDPR, DORA, etc.
  • Proficient in interpreting and applying policies, standards and procedures
  • Excellent project management and organizational skills (PMP, PRINCE2, etc. is a plus)
  • Strong consultation, report writing and communication skills, with high proficiency in both spoken and written English and Thai
  • Thai language fluency is a must.

Nice to have:

  • PMP
  • PRINCE2

Additional Information:

Job Posted:
March 22, 2025

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for Information Security Risk Lead

Information Security & OT Lead

At METLEN Energy & Metals, we are catalysts for a sustainable future, positioned...
Location:
Greece, Athens
Salary:
Not provided
Metlen Group
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Information science, Information systems or a related scientific field
  • Master’s degree will be considered an asset
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments is a strong plus
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility:
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer:
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan

Senior Information Security & OT Lead

Senior Information Security & OT Lead position in Athens, responsible for cybers...
Location:
Greece, Athens
Salary:
Not provided
Metlen Group
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Information science, Information systems or a related scientific field
  • +5 years of experience in Information Security or Cybersecurity roles
  • Strong technical background in cybersecurity and OT security
  • Proven experience in managing information security in OT environments
  • Solid understanding of ISO 27001, ISA/IEC 62443, and NIS2 directives
  • Strong knowledge of risk management methodologies and compliance frameworks
  • Excellent collaboration and communication skills for multi-site and cross-border coordination
Job Responsibility:
  • Respond to audit requirements for all international sites including factories, energy plants, and solar fields
  • Participate in cyber incident response processes related to international and local industrial installations
  • Guide technical leaders and support information security compliance in Greek and international operations
  • Propose cybersecurity architectures and solutions to safeguard operational technology (OT) infrastructure
  • Participate in management committees to inform senior leadership on cyber risks and compliance issues
  • Work closely with international IT business partners on cybersecurity topics across the global footprint
What we offer:
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
Employment Type:
Fulltime

Information Security Lead Analyst

As part of Citi Infrastructure Defense team, the analyst position will participa...
Location:
Singapore, Singapore
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 8+ years of experience with multiple security disciplines and strong understanding of layered defense concepts
  • Deep understanding of TCP/IP technologies and knowledge of network routing protocols
  • Experience defining enterprise security strategy and ecosystem across diverse products
  • Strong hands on experience with firewall and proxy technologies (Bluecoat, Squid, NGINX)
  • Large Scale Network and Security design experience is essential
  • Work with and understand regulatory and risk management requirements
  • Strong unix / linux experience
  • Scripting (Python/Perl/Bash)
  • University / College degree in any STEM area or equivalent industry/technology knowledge
Job Responsibility:
  • Identify opportunities to automate and standardize information security controls
  • Resolve any vulnerabilities or issues detected in an application or infrastructure
  • Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
  • Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
  • Scan and analyze applications with automated tools, and perform manual testing if necessary
  • Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
  • Direct the development and delivery of secure solutions by coordinating with business and technical contacts
  • Assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup
What we offer:
  • Opportunity to work on the internal security posture for a large financial and thus shaping the industry overall
  • Exposure to a broad range of investment technology businesses and products
  • Access to our world-class testing lab, with physical hands-on use of hundreds of devices in the IT security ecosystem
Employment Type:
Fulltime

Legal Third-Party Management and Information Security Risk Lead

As part of the Legal Outside Counsel, Third Party Management and Operations team...
Location:
United Kingdom, Belfast
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • Ability to assess residual risk in complex vendor environments and make sound defensible recommendations
  • Experience applying risk-based frameworks to prioritize issues and mitigation efforts
  • Strong interpersonal skills for engaging legal, compliance, technology, procurement and senior risk stakeholders
  • Proficiency in creating clear and concise reports and dashboards, and governance experience
  • Leading or supporting cross functional projects, ability to support risk transformation initiatives, and integrate evolving legal tech and regulatory guidance into assessment methodologies
  • Bachelor’s degree or equivalent
Job Responsibility:
  • Manage and oversee a set of complex initiatives that span multiple lines of business in the Cyber Security (CS), Information Security (IS) and Third-Party Risk Management (TPRM) space for Global Legal Solutions
  • Assess the risks and effectiveness of Third Party IS processes and controls based on enterprise requirements ensuring the IS risk is within tolerance
  • Evaluate the design and execution of the Legal IS Program, identifies potential enhancements and drives implementation of governance, methodologies and tools required for the effective oversight of Third-Party Management IS risk to continually strengthen the Program
  • Assist the day-to-day activities within the TPM Risk and Info Sec group
  • Monitor, track and control outcomes to resolve issues, conflicts, dependencies and critical path deliverables related to issues and gaps found in the TPISA process
  • Drive implementation of enterprise Third Party Management controls required to be assessed as part of the Managers Control Assessment, reviews results, and determines if remediation actions are appropriate
  • Document control design, testing methodology, and evidence for effectiveness reviews in compliance with Citi's Risk and Control Standards
  • Contribute to quarterly control certifications, issue management processes and audit engagements
What we offer:
  • Generous holiday allowance starting at 27 days plus bank holidays, increasing with tenure
  • A discretionary annual performance-related bonus
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Private medical insurance packages to suit your personal circumstances
Employment Type:
Fulltime

Country Security Lead

The Country Security Lead (CSL) for ASML China acts as the local representative ...
Location:
China, Shanghai
Salary:
Not provided
ASML
Expiration Date:
Until further notice
Requirements:
  • Minimum of 10 years (Information) Security experience
  • Minimum of 8 years experience with physical security
  • Minimum of 5 years IT working experience
  • Able to engage with Senior Leadership in China
  • Ability to build strong, trusting relationships with technical and non-technical user base
  • Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision
  • Excellent verbal and written communication skills in English and Mandarin
  • Excellent multi-tasking skills
  • Enterprise Security risk expertise: Strong understanding of risk frameworks, strategic security risk mgt, policy management, and business continuity management
  • Security Risk mitigation & advisory: Ability to identify, assess, manage and monitor security risk mitigation strategies at a country level
Job Responsibility:
  • Responsible for managing the China security organization on behalf of the CISO of ASML, driving the development and delivery of security services in China
  • Challenge and verify the adequate performance of security controls in China, against ASML and China risk appetite and as executed by the first line of responsibility in the sectors in China
  • Execute the central security strategy as determined by the CISO and adding country specific aspects to it to improve security maturity
  • Collaboration with the 1st line sector SRMs to identify, assess and mitigate security risks, overseeing and reporting via the China Virtual Security Team (VST)
  • Identify improvement opportunities together with the 1st line sector SRMs and the 2nd line team in terms of processes and activities
  • Provide necessary support for improvements and will act in a pivotal role to bring (security) teams together where needed
  • Overseeing the development of country specific response plans, assuring the timely and thorough handling of security incidents under coordination of the central Security Operations Centre
  • Ensuring adherence to centrally determined or country specific laws and regulations related to information security
  • Act on behalf of the CISO of ASML and work closely together with the 1st line country SRMs to define and execute a joint security roadmap for China
  • Assure the capabilities as required by the central Second Line Security, Intelligence Fusion Centre and Security Operations Center teams are developed and maintained, as well as organizing Security activities related to risk culture and awareness initiatives
Employment Type:
Fulltime

Information Security Lead

We are offering an exciting opportunity in the Financial Services industry, base...
Location:
United States, Bensalem
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Lead the daily maintenance and automation of the SOC dashboard
  • Monitor and manage daily security alerts and logs, including Central Log, Virus, IPS, DLP, Web Content, Secure Email, and Active Directory Changes
  • Conduct regular security device and configuration reviews
  • Generate monthly security metrics and dashboards
  • Ensure comprehensive and efficient security patching in partnership with the IS team
  • Evaluate and suggest improvements to our SOC and Automation systems
  • Support both external and internal audit processes
  • Document security incidents as part of the CSIRT team
  • Engage outside contractors with proper technical expertise when necessary
  • Manage and monitor security staff to build a reliable, high-performing infrastructure team
Job Responsibility:
  • Lead the daily maintenance and automation of the SOC dashboard
  • Monitor and manage daily security alerts and logs, including Central Log, Virus, IPS, DLP, Web Content, Secure Email, and Active Directory Changes
  • Conduct regular security device and configuration reviews
  • Generate monthly security metrics and dashboards
  • Ensure comprehensive and efficient security patching in partnership with the IS team
  • Evaluate and suggest improvements to our SOC and Automation systems
  • Support both external and internal audit processes
  • Document security incidents as part of the CSIRT team
  • Engage outside contractors with proper technical expertise when necessary
  • Manage and monitor security staff to build a reliable, high-performing infrastructure team
What we offer:
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Employment Type:
Fulltime

Information Security Officer

The Information Security Officer is a senior leadership role responsible for ove...
Location:
Portugal, Lisbon; Oporto; Madrid; Barcelona
Salary:
Not provided
TUI
Expiration Date:
Until further notice
Requirements:
  • Experienced authentic leader with a good understanding of technology and managing Information Security risks in the enterprise
  • Passionate about Information Security, delivering business value and driving continuous improvement
  • Strong people leadership skills and experience in building a positive enabling security culture based on trust, quality and pragmatic risk management
  • Great communicator and influencer comfortable working across hierarchical, organisational, cultural and market boundaries
  • Experience of managing teams, mentoring and developing security talent from different cultural backgrounds
  • Professionally qualified holding a recognised security accreditation (CISSP/CISM/CISA etc.,) or equivalent experience with demonstrable Continuous Professional Development
  • Maintain a good understanding of latest security threats and the mitigating strategies
  • Ability to provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
  • Experience of the implementation, operation and maintenance of an Information Security Management framework such as ISO27001 or NIST CSF
  • Good understanding of integrating security into software or product development lifecycle and cloud security
Job Responsibility:
  • Promote and inspire a security first culture at TUI
  • Direct the development, implementation, delivery and support of an enterprise Information Security strategy aligned to the strategic requirements of the business
  • Lead the provision of Information Security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation’s information systems
  • Ensure that each Domain is motivated and empowered to deliver the prioritised roadmap
  • Protect the TUI brand and its customers, detect and respond to incidents, strengthen defences, reduce the attack surface and secure behaviours
  • Drive adoption of and adherence to security policies, standards and controls through the provision of expert advice and guidance
  • Protect our most critical assets and ensure appropriate assurance and rigorous testing is in place
  • Ensure security incidents are managed effectively through engagement with the security operations team, and that lessons learned and audit findings are remediated
  • Ensure effective security operations (e.g. vulnerability scanning, patching)
  • Protect the integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit
What we offer:
  • Attractive remuneration, bonus opportunity, exclusive travel perks & discounts, extensive health & wellbeing support
  • Flexible working: hybrid or remote working models
  • Opportunities to upskill, reskill and grow your career
  • Access the TUI Tech Learning Hub to level-up and reach your ambitions
  • Participate in our tech communities and collaborate on global projects and teams
  • Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community
Employment Type:
Fulltime

Information Security Manager

Cogoport is on a mission to bridge the $3.4 trillion Trade Knowledge and Executi...
Location:
India, Mumbai
Salary:
Not provided
Cogoport
Expiration Date:
Until further notice
Requirements:
  • 7+ years of experience in cybersecurity, risk management, and information security leadership
  • Bachelor's/Master's degree in Computer Science, Information Security, or a related field
  • Certifications: CISSP, CISM, CEH, or equivalent cybersecurity certifications (preferred)
  • Expertise in risk assessment, penetration testing, and vulnerability management
  • Hands-on experience with security tools such as SIEM (Splunk, IBM QRadar), endpoint protection, and cloud security solutions
  • Strong knowledge of zero-trust security models, identity and access management (IAM), and security operations (SOC)
  • Ability to effectively communicate security risks and strategies to both technical and non-technical stakeholders
Job Responsibility:
  • Develop and implement a comprehensive cybersecurity strategy aligned with Cogoport’s business objectives
  • Collaborating with senior leadership as the primary authority for all security-related matters
  • Oversee security governance and continuous security improvements across all business units
  • Identify, assess, and mitigate cybersecurity risks across applications, cloud infrastructure, and corporate systems
  • Conduct periodic security audits, risk assessments, and penetration testing to proactively address vulnerabilities
  • Ensure compliance with ISO 27001, GDPR, SOC 2, NIST, and other industry security frameworks
  • Develop, document, and maintain an incident response plan to manage and mitigate security breaches
  • Oversee the implementation and management of security technologies, including firewalls, IDS/IPS, SIEM, and endpoint protection
  • Monitor network traffic for anomalies and cyber threats, taking immediate action against security incidents
  • Lead incident detection, investigation, and response processes while minimizing business impact
Employment Type:
Fulltime