Regional Information Security Lead - AMEA

At ABB, we are dedicated to addressing global challenges. Our core values: care, courage, curiosity, and collaboration - combined with a focus on diversity, inclusion, and equal opportunities - are key drivers in our aim to empower everyone to create sustainable solutions. Write the next chapter of your ABB story.

This position reports to

EL IS - Head of Security, Risk & Compliance

Your role and responsibilities

Accountable for establishing, defining, and maintaining Information Security Demand Management and delivery planning processes for the Electrification Business in AMEA region. Drives global, regional and local Information Security leadership, guidance, and support for all the IS functions and IS organization of ELIT and InfoSec IS service for EL business in AMEA region. Provides expertise to ensure that IS ser-vices impacting IT systems are operated in security compliance with legislation and external regulations (NIST, Local InfoSec requirements, etc.), and the data contained are used and secured properly.

Qualifications for the role

• Information Security is currently indicated as one of ABB's highest risks and requires a focused approach to mitigate deficiencies. By ensuring compliance requirements this role directly supports the Global strategic aim of minimizing this risk.
• Failure to understand and ensure customer and/or regulatory compliance requirements as "license to operate", may lead to loss of revenue or business and in severe cases attract significant financial penalties.
• Non implementation of Information Security standards and policies can lead to high negative impact to the business in respect of availability of systems, confidentiality of sensitive data and/or maintaining data integrity.
• Complexity of EL IT organization, Information security IS Services and Corporate IS operating model and the delivery of Information Security services (globally or locally).
• Working across multiple countries, cultures, languages and local IT regulations for compliance.
• Development and implementation of a new common language and understanding across the EL IT organization globally to raise Information Security awareness to enable the EL business to make risk-based decisions for IT projects.
• Development and implementation of a new process for demand management.
• Supports and guides the organization in shaping IS Control Compliance.
• Provides input into the ELIS InfoSec Strategy and subsequently rolls out and manages adherence and compliance/completion of strategic goals.
• Facilitates improved awareness and actions towards reducing overall risk to ac-ceptable levels for business in the region and country, tthrough active engage-ment in areas covered by the ABB IS Risk Dashboard.
• Manages the KPI's and ensures progress against items. Creates action plans for backlog, overdue, at-risk items,
• Main point of contact for their Region/Country area to ensure that both Global and EL Information Security Services meets the needs of the business.
• Acts as single point of contact for Business, IS Managers and other relevant stakeholders, in order to evaluate and prioritize IS Risk & Security demands.
• Drives engagement with business and local IS through communication of the IS Risk & Security programs, services and changes to Country Management, Local Business Units, IS Managers and Country IS.
• Leads and supports security awareness education at both regional and country level.
• Delivers appropriate IS Solutions/services and provides technical expertise and advice and supports the installation, management, maintenance and optimization in regards of the required security, or the changing of existing IS solu-tions/services in accordance with agreed Service Level Agreements (SLAs).
• Qualifications
• Bachelor's or master's degree in information security or technology, Computer Science, Software Engineering or a related qualification, and/or demonstrated capability through past employment ex-perience.
• Security Certifications (CISSP, CISM, etc.) and/or Auditor certifications (ISO 27001 auditor, CISA etc.) are desirable.
• Good knowledge of ITIL processes would be advantageous.
• Knowledge & Experience
• 12+ years of Information Systems experience of which 5+ years in Information Security and/or IS Compliance.
• Expertise in understanding and managing of IS Risk, Security & Compliance requirements in global organizations.
• Excellent experience in assessing, understanding security threat landscape, current and future state of security technologies and their inter-relationship with IT landscape.
• Excellent understanding of information security concepts, protocols, industry best practices and strategies.
• Must be fluent in Mandarin & English, both verbal and written.
• Excellent verbal and written communications skills across multiple levels of stakeholders, with the ability to convey information to both technical and non-technical audiences, in an easily understood authoritative and actionable manner.
• Demonstrated ability to work effectively with people under challenging circumstances.
• Strong experience to translate business requirements into technical IS capabilities and solutions.
• Ability to influence others and move toward a common vision or goal.
• Must be a critical thinker, with strong problem-solving skills.
• Strong experience of managing and resolving multi-vectored incidents.
• Internal experience of ABB departments at managerial level and ways of working is advantageous.

More about us

We value people from different backgrounds. Apply today for your next career step within ABB and visit www.abb.com to learn about the impact of our solutions across the globe. #MyABBStory