Senior Vice President, Vciso, Cyber Risk

Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations, and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services. Headquartered in New York with more than 50 offices across nearly 30 countries, Kroll has a multidisciplinary team of over 5,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals.

This is an excellent opportunity to join the leadership of a rapidly growing, world-leading global team at the forefront of cyber security and investigations.

For more details about the wide range of cyber risk management services, please go to www.kroll.com/en/services/cyber-risk

• Creating high quality cyber security policies and procedures
• Staying up-to-date with relevant cyber security legislation, frameworks and industry trends
• Being familiar with management of data breaches and cyber security crisis situations and able to manage such incidents independently drawing on appropriate resources to deliver positive outcomes
• Coordinating and working closely with team members in other Kroll offices
• Able to deliver assessments and thought leadership across a range of security frameworks and topics, such as NIST Cyber Security Framework, Cloud Security, Security Operations Centre
• Leveraging genuine Chief Information Security Officer or Office (CISO) experience, and working with the global team to lead and deliver Interim CISO, Virtual CISO, Data Protection Officer (DPO) and data privacy compliance, cyber risk assessments, data protection impact assessments, governance reviews and other security assessment and risk advisory services
• Producing accurate, high quality client reports and proposals
• Working as a trusted advisor to some of the largest organisations in the region
• Experience of data privacy and data protection laws, regulations and operational implementation, such as EU-GDPR, Singapore PDPA and other jurisdictional personal data laws and regulations.
• Taking ownership of projects and deliverables and assisting in strategy planning for delivering CISO related services across the region
• Analysing and assessing risk to client’s information technology systems and enterprise environment either in one-off engagements or as the client’s permanent partner

Qualifications

• Able to manage multiple projects on a daily basis
• Must have demonstrable experience of at least eight years within security and/or data protection departments within large organisations
• Have the capability to communicate risk at a leadership/board level in the context of one or more industry sectors
• Be a hands-on practitioner when it comes to analysing, assessing and managing risk
• CISSP, CISA, CISM, CIPM, CIPP certifications preferred
• Have excellent written and spoken English (knowledge of a second Asian language an advantage)
• Understand relevant cyber security legislation and regulatory/ maturity frameworks
• Self-motivated and able to demonstrate experience, credibility and a passion for this type of work. This will include evidence of a strong career history in senior security positions, research capabilities, knowledge of a diverse array of tool-sets, community participation and self-learning beyond commercial training
• Willingness to travel

Above all, Kroll expects senior candidates to be strategically minded, excellent communicators, fearless decision makers, intellectually curious and willing to immerse themselves into new challenges. In return, the company provides an environment where there is on-going training and unparalleled exposure to a wide range of clients, assignments and technologies.