Information Security Program Manager

Gogoro

This job is no longer accepting applications

IT, Operations
Kiev, Ukraine · Taipei City, Taiwan
Posted on Thursday, January 18, 2024

Position impact:

The Information Security Program Manager is pivotal in establishing and maintaining a robust and compliant information security infrastructure for Gogoro. This role directly impacts the organization's secure global operations, ensuring the confidentiality, integrity, and availability of sensitive information. The Information Security Program Manager upholds Gogoro's commitment to ISO 27001 and ISO 27701 standards, cybersecurity best practices, and regulatory compliance, safeguarding our reputation and fostering trust among customers, partners, and regulatory bodies.

Responsibilities:

  • ISO 27001/ISO 27701 Management: Oversee the development, implementation, and continuous improvement of the ISO 27001 Information Security Management System (ISMS) and ISO 27701 Privacy Information Management System (PIMS). Ensure compliance with ISO 27001/ISO 27701 standards through regular audits and assessments. Collaborate with internal stakeholders to address security control requirements.
  • Cybersecurity Framework: Design, implement, and manage a comprehensive cybersecurity framework to protect digital assets. Stay informed about evolving cyber threats and implement proactive measures to mitigate risks. Work closely with IT teams to integrate security controls into systems and applications.
  • Regulatory Compliance: Monitor and interpret relevant data protection laws, industry regulations, and cybersecurity standards.
  • Global Expansion Support: Guide and adapt security policies and controls to meet diverse regulatory environments. Conduct security risk assessments for new markets and propose mitigation strategies.
  • Security Awareness and Training: Develop and deliver security awareness programs to educate employees on security best practices.
  • Vendor Risk Management: Assess and manage security risks associated with third-party vendors and service providers.
  • Reporting and Communication: Prepare regular reports on the status of information security, compliance, and cybersecurity initiatives. Provide insights into the security posture and risk landscape.

Requirements:

  • 5+ years of progressive experience in the IT Security field. Security Consultants from Big Four Firms are welcome.
  • Familiarity with industry compliance and security standards and frameworks including one or more of ISO 27001, ISO 27701, NIST, and CIS.
  • Hands-on experience working with generally accepted IT audit standards and practices, IT security and control practices, and risk management concepts.
  • In-depth knowledge of cybersecurity and information technology systems terminology, concepts, and practices.
  • Strong program/project management experience.
  • High level of personal integrity, with the ability to professionally handle confidential matters.
  • Professional certifications such as CISSP, CISA, CISM, and ISO 27001 LA are preferred.
