Share This Job
Director, Information Security Officer, Greater China & Mongolia
Please note: This is not a Remote role and will require the incumbent to be based in Shanghai, China and work a hybrid schedule (60% of the time need to be onsite).
This is a People Manager role.
Job Description Overview:
The Information Security Officer, GCM at The Coca-Cola Company will be a part of the Global Cybersecurity function under the Regional Information Security team. In this role you will lead or be a key coordinator of security initiatives to improve the security posture of the Greater China Operating Unit (OU), Concentrate Plant (CPS) Operations and Franchise bottlers and partners located in the territory. The successful candidate will deliver this mission by understanding the Global Cybersecurity strategy and roadmap and executing it through cross-functional collaboration across Technology Services’ Global Delivery, Global Cybersecurity, Privacy, Security Operations, and franchise bottler and partner IT teams, thus delivering measurable results for The Coca-Cola System in the GCM OU. The successful delivery of your responsibilities will ensure that the programs, services and solutions within the Company are delivered securely to achieve their business goals. The position will report to the Senior Director, Regional Cybersecurity Operations based out of Singapore.
Function Related Activities/Key Responsibilities
(b) Operating Unit Support (Mainly GC&M)
-
Support and maintain relationships with key IT and business leadership and stakeholders across your supported business units.
-
Promote company security requirements and guidelines to IT stakeholders and ensure they have the knowledge to apply them appropriately.
-
Understand and communicate key Global Cybersecurity activities across supported business units, such as cybersecurity awareness and incident response. In particular, act as an extension of the corporate cybersecurity team and coordinate similar activities at GC&M to help bridge time zones.
-
Understand and support key business and IT strategies across your supported business units.
-
Understand and support the delivery of key applications and programs within your supported business units.
(c) Franchise Bottler Engagement
-
Assist the APAC Regional Information Security Officer to maintain relationships with key security and IT executives at bottlers in GC&M.
-
Support the business and IT strategies at each bottler in your geography.
Corporate Liaison
-
Develop and maintain relationships with key IT and business leadership and stakeholders at GCM.
-
Understand and support key business and IT strategies in TCCC’s Digital & Technology Services and Global Cybersecurity and facilitate alignment across the operating unit.
-
Understand and provide support on technological requirements of data privacy regulations applicable to the in-scope operating units.
Education Requirements:
-
Bachelor’s Degree in Computer Science, Computer Engineering or other appropriate field Required.
-
Relevant industry certifications are preferred, such as CISSP and/or CISM, CISA, and other established security-related certifications. Azure-related Professional Certifications and/or MCSE: Cloud Platform and Infrastructure. Privacy-related certifications are encouraged.
Related Work Experience:
-
Minimum of 10 years of work experience in governance, risk, compliance and cloud security or relevant related field. Of the accumulated work experience, it is preferable to have at least 3 years of cloud (e.g. Azure, Alicloud, Aws) operation support working experience. Cloud administration certification is preferred.
-
Work experience and familiarity with China cybersecurity and data security/privacy regulatory requirements, including but not limited to Multi-level Protection Scheme (MLPS) certification, cross-border data security attestation, cybersecurity inspection, and others.
-
Familiarity with the leading cloud technologies, e.g., different AI solutions, IOT, HDInsight, DB PaaS, cloud storage, etc. In particular, a technical understanding of Microsoft Azure security, AI, and infrastructure would be preferable.
-
Technical experience designing, implementing, and/or supporting enterprise technology solutions.
-
Technical experience identifying and mitigating risk using comprehensive security controls and technologies.
Functional Skills:
-
Participate in cross-functional teams to promote technology strategies, analyze and test products, or perform pilot and first implementations of new technologies to integrate them into the Company's Global infrastructure.
-
Deliver standards-related training or architecture updates (e.g., hardware, methodology, software packages, business data, security, retention, delivery methods, and tools) to stakeholders (e.g., stewards, custodians, application teams) to ensure standards compliance and quality master data.
-
Create a communications plan (e.g., memos, letters, plan review meetings, status lists) to ensure frequent, accurate, and timely communication with all stakeholders and solidify commitment to the project plan.
-
Perform and evaluate risks of cybersecurity-related observations arising from security activities, including security and vendor assessments.
-
The ability to communicate confidently, adapt to different contexts, and engage effectively with senior leadership.
-
Native Chinese speaker with good command of the English language.
What We Can Do For You
-
Career growth and development: Leveraging our boundaryless network, we provide access to educational platforms and provide coaching, mentoring and feedback, as a part of our Leadership & Development process.
-
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. We want to make our culture inevitable.
-
International Experience: Become part of international projects and work along multicultural teams, through our global network
SkillsIT Security Auditing; IT Problem Solving; Cybersecurity Controls; Information Security Risk Management
Our Purpose and Growth Culture:
We are taking deliberate action to nurture an inclusive culture that is grounded in our company purpose, to refresh the world and make a difference. We act with a growth mindset, take an expansive approach to what’s possible and believe in continuous learning to improve our business and ourselves. We focus on four key behaviors – curious, empowered, inclusive and agile – and value how we work as much as what we achieve. We believe that our culture is one of the reasons our company continues to thrive after 130+ years. Visit Our Purpose and Vision to learn more about these behaviors and how you can bring them to life in your next role at Coca-Cola.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class.