Information Security Office - Senior Manager
Fidelity International
2d ago

Department Description

The Global Cybersecurity & Information Security (GCIS) department is a part of the Global Technology department. The Technology function provides IT services to the Fidelity International business, globally.

These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, and marketing and customer service functions.

The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.

Global cybersecurity & Information security (GCIS) is responsible for :

  • Cyber Security : Protecting the Technology Environment from internal and external security threats,
  • Application Security (through secure coding practices, penetration testing, and developer training)
  • IAM Operations working to principles of least privilege, access appropriate to role, and Role Based Access Control Security Assurance & Compliance
  • Infrastructure Security
  • Vulnerability Management
  • Security Engineering and Architecture
  • IAM Product working on engineering, supporting & implementing new IAM solutions providing security controls in products like Identity governance & administration, Privileged access management, PKI and Enterprise directory services.
  • Cyber Defence Operations
  • Information Security office
  • Purpose of your role

    The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets.

    The ISO safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards.

    The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.

    Your key accountabilities

  • Design policy, procedure, and standards for information security in Asia. Be a key advisor on significant business and product decisions.
  • Ensuring continuous ISO27001 accreditation.
  • Manage a diverse team of technology risk specialists
  • Run a continual service improvement programme for all assurance activities
  • Take an active role in department information security projects and initiatives.
  • Provide a day-to-day operational service in responding to business enquiries regarding information security of company initiatives
  • Work with the wider security team to manage exceptions to the controls, preparing any required documentation, advising management of decisions and tracking any agreed rectification plans through to completion
  • Provide all-hours-response to major security or recovery incidents, providing technical advice as required. Lead incident response to any information security issues.
  • Responsible for compliance checking and reporting of Information Security initiative status across the region.
  • Able to translate technical knowledge into business terms and present to senior leadership.
  • Provide regular information security awareness training to all staff including phishing tests, classroom sessions and online courses
  • Your skills and experience

  • 8+ years’ experience in Information Security preferably within an international Financial Services firm
  • Expertise in information security policies, standards, controls and frameworks such as ISO27001
  • Well versed in Risk Management principles.
  • Managing a diverse team
  • Good understanding of Infrastructure, Application security issues and remediation
  • Understanding of regional data protection, privacy and practices
  • Familiar with PCI / DSS audit
  • Ability to plan, organise, co-ordinate and work well under pressure
  • Strong eye for detail with ability to produce accurate, well-structured reports to deadlines
  • Discrete and of high integrity
  • Able to remain motivated while completing routine tasks
  • Flexible and enthusiastic approach and attitude
  • Excellent English communication and presentation skills both verbal and written
  • Desirable qualifications

  • Related graduate degree
  • Certified ISO 27001 lead implementer or auditor
  • Further professional qualifications such as CISSP, CISA, CISM etc are an advantage
  • Fidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally.

    As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term.

    Operating in more than 25 locations and with $611.4 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals.

    Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance.

    Together with our Investment Solutions & Services business, we invest $471 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures.

    Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more.

    As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business.

    We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond.

    Data as at 30 September 2020.

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form