- Information Technology
- Singapore - Singapore
Our Cyber Security teamIt’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We take a pragmatic approach, transforming cyber security in order to enhance our business resilience, enable our colleagues to move fast, delight our customers, and better manage potential cyber disruption. Investing in new cyber security capabilities across technology, process, and people, we build on and leverage our strong cyber security ecosystems to tackle future threats.
Our IT Security Risk & Compliance, Enterprise Security, and Cyber Defence functions are the beating heart of Dyson’s Cyber Fusion Centre capabilities. Together, they enable the successful delivery of exciting new projects, help existing toolsets remain effective, enable and encourage compliance, balance red & blue team capabilities, and make sure that cyber security incidents are managed in a timely and efficient way.
About the roleThe IT Security Risk & Compliance Analyst, reporting to the IT Security Risk & Compliance Manager, will be responsible for:
- Perform due diligence and Cyber Security assurance over third parties.
- Provide reporting on the security stance of third parties and highlight potential risks to senior stakeholders.
- Assist in maintaining the Cyber Security Risk Register, holding key individuals accountable for remedial action.
- Provide IT support to the Internal Audit function, tracking remedial actions.
- Assist in the continued compliance with PCI-DSS and the annual assessment and maintenance.
- Complete assurance tasks, ensuring that the key Cyber Security policies and standards are adhered to.
- Work with key business areas to work towards a level of compliance, where required.
- Escalate where non-compliance poses a business risk to key business stakeholders.
- Perform regular and periodic compliance-related tasks.
- Develop in the development and publishing of Cyber Security policies and standards.
- Support Cyber Security training and awareness activities and initiatives.
About youWith experience in a similarly dynamic, international role and complex organisation, you’ll have a proven working knowledge of leading an IT function in the global/region working as part of a global matrix managed team.
- Autonomy - Works under broad direction. Work is often self-initiated. Is fully responsible for meeting allocated technical and/or project/supervisory objectives. Establishes Milestones and has a significant role in the assignment of tasks and/or responsibilities.
- Influence - Influences organisation, customers, suppliers, partners, and peers on the contribution of own specialism. Builds appropriate and effective business relationships. Makes decisions which impact the success of assigned work, i.e., results, deadlines, and budget.
- Complexity - Performs an extensive range and variety of complex technical and/or professional work activities. Undertakes work which requires the application of fundamental principles in a wide and often unpredictable range of contexts. Understands the relationship between own specialism and the wider customer/organisational requirements.
- Business Skills - Advises on available standards, methods, tools, and applications relevant to own specialism and can make appropriate choices from alternatives. Analyses, designs, plans, executes, and evaluates work to time, cost, and quality targets. Assesses and evaluates risk. Communicates effectively, both formally and informally. Facilitates collaboration between stakeholders who have diverse objectives. Takes all requirements into account when making proposals. Takes initiative to keep skills up to date. Maintains an awareness of developments in the industry. Analyses requirements and advises on scope and options for continuous operational improvement. Demonstrates creativity, innovation, and ethical thinking in applying solutions for the benefit of the customer/stakeholder.
- IT security management, audit, and risk qualifications such as Certified in Securtiy Audit (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC) would be an advantage.
- Experience of conducting compliance reviews, including creation of GAP analysis reports and remediation plans in specific to IT controls / standards.
- Understanding of risk methodologies and experience applying these in assessments.
- Experience in leading third-party assessments and running third-party assurance activities, preferably against a recognised framework.
- Experience in leading and driving cyber security awareness training, communication or campaign would be an added advantage.
- Demonstrable evidence of effective problem solving skills in complex support and experience relating to Cyber Security, Compliance, or Assurance including IT Business Continuity & DR
- Excellent relationship skills – the ability to build positive relationships with both technical and business personnel.
- Excellent communication skills in written and oral presentation material.
Our culture is unique. It's not easy or comfortable. It's certainly not for everyone, but if you thrive on challenge and are excited by change – it could be for you.
Dyson monitors the market to ensure competitive salaries and pension contributions. Beyond that, you’ll also enjoy a profit-related bonus, generous leave and life insurance. But financial benefits are only the start of a Dyson career. Rapid professional growth, leadership development and new opportunities abound, driven by regular reviews and dynamic workshops. And with a vibrant culture, flexible working hours, the latest devices and a relaxed dress code reflecting our engineering spirit, it’s an exciting team environment geared to creativity, innovation and ambition.
We are following the government guidelines regarding COVID19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.