Ninja Van is a tech-enabled logistics company on a mission to provide hassle-free delivery services for businesses of all sizes across Southeast Asia. Launched in 2014, we started operations in Singapore and have become the region's largest and fastest growing last-mile logistics company, partnering with over 35,000 merchants and delivering more than 1,000 parcels every minute across six countries.
At our core, we are a technology company that is disrupting a massive industry with cutting-edge software and operational concepts. Powered by algorithm-based optimisation, dynamic routing, end-to-end tracking and a data-driven approach, we provide best-of-class delivery services that delight both the shippers and end customers. But we are just getting started! We have much room for improvement and many ideas that will further shape the industry.
**Job Descriptions**:
- Develop country information security strategy in alignment with Group Strategy
- Develop country information security budget and roadmap
- Manage delivery of Group Information Security tools and capabilities locally.
- Manage local Information Security projects
- Support CISO in managing the delivery of global programs, KPIs, and KRIs
- Run local security training programs
- Communicate and ensure implementation of group IS policies, procedures, and processes locally.
- Adapt security procedures as per local needs where required
- Qualify local Security Incidents and co-ordinate incident response with Group IS
- Lead and/or participate in post Incident Reviews
- Manage local Security Architecture decisions by working in liaison with Group Information Security
- Manage resolution of vulnerabilities or issues detected in local IT/Tech Infrastructure
- Reduce the information security risk by identifying the root cause and working with local/group stakeholders to take corrective actions
- Support the Local Team with questions related to regulatory compliance and IT/InfoSec audits
**Requirements**:
- Having a minimum Bachelor's Degree in Information Security / STEM (Science, Technology, Engineering, and Mathematics)
- Having well-rounded 8-10 years total experience in IT/IT Security
- Experience in leading IT security, attestation, and assurance audits globally
- Professional security certifications (e.g. CISM, CISA, CRISC.) is a plus
- Knowing ISO 27001 is also a plus
- High degree of attention to detail and discipline in tracking and managing the closure of identified vulnerabilities and issues arising from an audit
- Seasoned in Project Management and Stakeholder Management
- Speaking both Bahasa & English proficiently