Head of Technical Security, APAC

The Head of Technical Security will report directly to the Regional Information Security Officer, APAC.The Head of Technical Security will be responsible for providing technical security guidance and leadership across the APAC Region. Key responsibilities include security assessments of applications, IT and business projects, infrastructure and application vulnerabilities, understanding the regional implementations of existing and new global security technologies, and supporting regional cyber security incidents in coordination with the Data Protection Officer and global teams. The successful candidate would be responsible for executing on strategies, policies and standards developed by APAC and Global leadership.Key Responsibilities:Build, manage and develop a technical security team aligned to the Group and Regional Information Security model. Manage the security assessment process of applications and infrastructure being driven by IT and Business projects.Confirm design and security meets leading practices, as well as Chubb’s policies and standards ensuring issues are identified, remediated or managed through the exception processProvide oversight, approval and guidance to regional development teams, and provide security input for development process, where possibleDrive regional IT process improvements with Infrastructure and Application Development teams to improve the remediation of infrastructure and application-level vulnerabilities.Implement standards and processes to manage the security configuration of all devices and support security-related change management activities in support of policies and standardsUnderstand the APAC rollout of global security enablement projects, including interaction with Architecture, Infrastructure, and Development teams.Provide technical expertise and input, into new and existing, policies and standards based on regional regulatory requirements.Provide technical expertise and input to regional priorities, in line with global strategy. Keep up to date with global strategic direction.Support integration of regional IT infrastructure with global security solutions, ensuring global requirements are met. Keep up to date with global security technologies.Manage new security assessments, and recertifications, of applications, ensuring issues are identified, remediated or managed through the exception process Qualifications/Requirements:Bachelor’s Degree from an accredited college or university in Information Security, Information Technology, Computer Science, or a related technical degreeAt least 10 years’ IT experience, working in a technical discipline At least 10 years’ working experience of security technologiesAt least 5 years’ experience working in a senior technical role, with exposure to senior management and decision makingExpert knowledge of security technology, with proven ability to apply knowledge to use caseExcellent stakeholder management skills, including technical members of staff and senior executives, including stakeholder negotiation and influencingKnowledge of project lifecycles, with understanding of project lifecycle methodologies such as Agile, Waterfall and CI/CDProven ability to follow, and implement incident management processes, managing stakeholders and organizing technical resourcesExperience with Identity & Access Management processes.Extensive understanding of IT technologies such as networking, servers, IOT etc.Extensive experience understanding application architectures and their securityDetailed knowledge of securing cloud platforms and applicationsDemonstrated ability to understand and analyze complex business processes and technologies to make sound recommendations to constituentsExperience interpreting and applying information security standards and frameworks (e.g., ISO/IEC 27001/27002, PCI-DSS, NIST Cybersecurity Framework, etc.)Preferred Qualifications:Experience within the insurance industry or financial services