Information Security Compliance Lead
Media.MonksWe’re Media.Monks – global content, data, and media powerhouse. Our solution is simple and singular: Disrupting the industry, driven by digital.
This Information Security Compliance Lead will lead the implementation and improvement of administrative and technical controls of the company's Information Security Management System. This person should understand the risk management process in order to define action plans to mitigate risks, follow up the progress and measure the effectiveness. The position will coordinate and manage internal and external compliance audits.
- Lead the alignment to the global ISMS (based on ISO27001) over the APAC region.
- Integrate the compliance efforts in the region with the global roadmap.
- Follow up and report the compliance status of processes and technology in the region.
- Identify risk related to information security in the technical environment, the relationships with third parties or any component of the company's operations.
- Define security measures to lower the risks identified.
- Understand about technical and administrative controls in the different areas: networking, operations, access management, SSDLC, cloud security, end-point protection, physical security, third party risk assessment, organization security and legal compliance.
- Coordinate the information security assessments with 3rd parties (clients, suppliers).
- Facilitate the awareness process in terms of delivery and measurement.
- Coordinate and reply to internal and external audits related to information security.
- Investigate on technologies that could improve the security baseline and the compliance (e.g. DLP, end-point protection, network security, security and vulnerabilities assessment).
- Bachelor's degree in Computer Science, Computer or Systems Engineering or equivalent.
- Minimum of 6 years of experience in related positions.
- Solid knowledge of security on networking, cloud, infrastructure configuration, end-point protection and SDLC.
- Knowledge and experience implementing and maintaining the standard ISO 27001/2.
- Experience on InfoSec risk management.
- InfoSec related certifications (e.g. CISSP, CISM, CRISC, CISA)
- Excellent communication and social skills.
- Ability to confidently present findings to the C-level as well as to others with non-technical background.
- Ability to coordinate work within the team and with other departments.
- Prioritization capabilities due to commitments and deadlines.
- Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
- Ready to learn new contents both from others or self-learned.
- Passionate about self-improvement and suggesting improvements to processes or activities.
- +3 year of experience in Security Risk Management, Information Security, Security controls or Security/IT Audit
- Information Security Certification (e.g. CISSP, Comptia Sec, CISM, CRISC, etc)
- ISO27001 Lead Implementer/Auditor
- Knowledge of the SOC2 framework
Media.Monks is the purely digital operating brand of S4Capital plc that connects 8,600+ digital natives across one global team. We are united by a mission to shift industries forward and pave the path towards ambitious outcomes so our clients and our people can realize their full potential for growth. Our unified model combines solutions in media, data, social, platforms, studio, experience, brand and technology services to help our clients continuously reinvent themselves throughout increasingly rapid cycles of disruption. Our efforts to shape culture, build innovative technologies and unlock the future of growth have earned recognition from numerous esteemed panels: we maintain a constant presence on Adweek’s Fastest Growing lists (2019-22), regular recognition at Cannes Lions, inclusion in AdExchanger’s Programmatic Power Players (2020-23), the title of Webby Production Company of the Year (2021-23), a record number of FWAs, and have earned a spot on Newsweek’s Top 100 Global Most Loved Workplaces 2023. Together, these achievements solidify our experience in digital innovation, excellence in craft, and commitment to personal growth.
While we continue to grow our teams, please be mindful of fraudulent job postings and recruiting activities that may use our company name and information. Please be mindful to protect your personal information, especially your national identification number, and bank account information during a recruiting process. While Media.Monks may reach out to potential candidates via LinkedIn, we will always ask applicants to apply through our website (https://media.monks.com/careers) and will never ask for payment or bank account information during the recruitment process.
Responsible for resourcing and implementing security controls for your teams processes and systems
Responsible that all your personnel apply information security in accordance with the established information security policy
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Chief Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Senior Security Architect jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs