Regional Cybersecurity Officer

MissionIn charge of Cybersecurity of the Asia (excluding China) region: Japan, Korea, Thailand, Malaysia, Indonesia and India (~16,000 users, 3.4 BEUR sales)➔ Act as the Cybersecurity point of contact for the region➔ Functionally manage an international team of 5 Sites Cybersecurity Officers spread across the region➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the region, assess and improve the level of Cybersecurity of the different sites➔ Coordinate the Cybersecurity incidents in the region➔ Provide reporting of the region➔ Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group Cybersecurity programs.➔ Upon request, act as Group CISO (Chief Information Security Officer) delegate to perform some specific missions➔ Regularly travel within the region to meet your team, key stakeholders, and ensure that the ISSP is properly applied.Reporting line:Hierarchical: Asia Information Systems DirectorFunctional: Group CISO (Chief Information Security Officer)Responsibilities :Accountability➔ Act as the Cybersecurity point of contact for the regionFor the Group CISO (Chief Information Security Officer) and the Cybersecurity organization For the legal representativesFor the customersFor the partners and suppliers➔ Functionally manage the Sites Cybersecurity OfficersOrganize and lead the regular Cybersecurity meetings with the Sites Cybersecurity Officers of the regionRelay the Cybersecurity communications and actions to the Sites Cybersecurity Officers of the regionCoordinate the translations performed by the Sites Cybersecurity Officers regarding the Cybersecurity communications, eLearning, TIPs ➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the region, assess and improve the level of Cybersecurity of the different sitesDisseminate Group standards, rules and best practices to the Sites Cybersecurity OfficersControl and validate the Valeo ISSP compliance for all the sites of the region. If mandated by the Group CISO, act as delegate to provide exemptions. Alert Sites Cybersecurity Officers/Group CISO in case of deviation. Manage the Cybersecurity action plans of the region.➔ Coordinate the Cybersecurity incidents in the regionEnsure capitalization within the region following Cybersecurity events and incidents➔ Provide reporting of the regionProvide regular and on-demand reporting to the GroupFollow and report the OEMs Cybersecurity requirements of the region➔ Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group Cybersecurity programs➔ Upon request, act as Group CISO (Chief Information Security Officer) delegate to perform some specific missionsResponsibility➔ Act as the Cybersecurity point of contact for the regionParticipate to the external security assessments (customer mandated audit) and act as delegate of Group CISO.➔ Functionally manage the Sites Cybersecurity OfficersDevelop knowledge of the Sites Cybersecurity OfficersManage their training.➔ Deploy the Valeo ISSP (Information Systems Security Policy) within the region, assess and improve the level of Cybersecurity of the different sitesDefine and follow improvement plans with the Sites Cybersecurity OfficersPerform or control, by Group CISO delegation, risk assessments for, but not limited to, projects, sites, third parties.➔ Coordinate the Cybersecurity incidents in the regionEnsure that all non-compliances, abnormal Cybersecurity events, and Cybersecurity incidents are raised by the Sites Cybersecurity Officers.Ensure swift resolution of Cybersecurity incidents with the Sites Cybersecurity Officers and the Group CIRT (Cybersecurity Incident Response Team).➔ Provide the reporting of the regionInform the Continental IS Director(s) of the region for all aspects related to Cybersecurity non-classified as 'Secret'.Request the authorization to have an exemption to the Valeo ISSP whenever it is mandatory to fulfill a law/regulation linked to the region activity.➔ OthersUpon request, act as Group CISO delegate to perform some specific missionsAct as internal Cybersecurity risk auditor for the other regions.Contribution➔ Contribute to the evolution of the Valeo ISSP (Information Systems Security Policy) and some Group Cybersecurity programsContribute to Group Cybersecurity programsPropose, to Group CISO, initiatives to improve:Cybersecurity of the regionValeo ISSP, Group standards and rulesCybersecurity KPIsExperience Required :Above 10 years of relevant experience in CybersecurityWorked in an international company in a multicultural environment.Knowledge and experience linked to Cybersecurity standards (ISO 2700x, NIST, NIS…)Knowledge and experience in technical topics such as malware, patch management, firewalling…Other infrastructure / network / system / database / application experienceInternational team management experienceInternational stakeholder management experienceCybersecurity Incident management experience