Global Head of Cyber Security - United Kingdom - SATS Ltd.

Description

About SATS – Feed and Connect Communities

SATS is a global leader in gateway services and Asia's pre-eminent provider of food solutions. Using innovative food technologies and resilient supply chains, we create tasty, quality food in sustainable ways for airlines, foodservice chains, retailers, and institutions. With heartfelt service and advanced technology, we connect people, businesses, and communities seamlessly through our comprehensive gateway services for customers such as airlines, cruise lines, freight forwarders, postal services and eCommerce companies.

Fulfilling our purpose to feed and connect communities, SATS delights customers in over 210 locations and 27 countries across the Asia Pacific, UK, Europe, the Middle East and the Americas. SATS has been listed on the Singapore Exchange since May 2000. For more information, please visit

KEY RESPONSIBILITIES

Governance and Compliance

• Develop and maintain a strong information security governance structure for SATS through the implementation of an agreed governance program.
• Develop and maintain the global Cyber Security Strategy and Roadmap.
• Oversee the development, enhancement, and delivery of a comprehensive suite of cyber security services and solutions on a global scale.
• Work with the BUs to ensure that relevant information security requirements are included in contracts.
• Work collaboratively with the regional Chief Information Officers (CIOs) to ensure that the compliance activities undertaken, and the key cyber security projects being delivered positively impact operational security risks, recovery and maturity.
• Create and manage a targeted information security awareness training programs for all employees, including establishment of metrics to measure the effectiveness of the security training program.
• Provide clear risk mitigating directives for all SATS initiatives both locally and internationally with components in Information Technology (IT) / Operational Technology (OT), including the mandatory application of controls.
• Facilitate and support the development and implementation of incident response plans and procedures.
• Develop and maintain up-to-date information security policies, standards and guidelines. Oversee the approval and publication of these information security policies and practices.
• Work effectively with business units to facilitate information security risk assessment and risk management processes and empower them to own and accept the level of risk they deem appropriate for their specific risk appetite.
• Support internal and external audit activities that pertain to SATS information security.
• Support and enforce obligations to government regulations and its amendments.

Lead and Collaborate

• Lead the Cyber Security department across the international locations to ensure consistent and high-quality information security management in support of SATS business goals.
• Build a strong and collaborative working relationship within the Technology BUs and wider SATS leadership team to influence and enforce strong security practices for new initiatives and on-going operations.
• Maintain an on-going relationship with the government agencies to influence pragmatic outcomes around SATS's compliance to the relevant Cyber Security practices.
• Work with SATS's Compliance teams to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other regulatory requirements.
• Collaborate and liaise with the data privacy officer to ensure that data privacy requirements are included where applicable
• Support the development and review of effective disaster recovery policies and standards to align with the Enterprise Risk Management (ERM) program goals.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
• Take the lead to educate SATS employees to improve awareness of cyber threats and good cyber safety practices in all locations.
• Lead a highly performing and engaged team
• Ensure that security is embedded in the initiative/project delivery process by providing the appropriate information security policies, practices and guidelines
• Manage the budget for the information security function, monitoring and reporting discrepancies
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action

KEY REQUIREMENTS

• Degree in computer science or cyber security or a related field of study, or equivalent experience
• Proven experience in leading, coaching and developing highly engaged performing teams
• Professional security management certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)
• At least 5 years of leading and managing an Information Security practice in organisations that had both Information Technology (IT) and Operational Technology (OT)
• Experience in successfully leading organisations in meeting and maintaining industry/government-based security compliance standards (e.g. CSA CCoP 2.0, PDPA, COBIT, NIST)
• Demonstrable experience developing and sponsoring the delivery of security work programs for organisations to meet compliance obligations and improve security posture
• Proven track record and experience in leading/authoring the development and maintenance of information security policies and procedures for organisations
• Sound knowledge of cyber security concepts and technologies
• Practical experience with financial/budget management
• Fluent with risk-based information security management with ability to review, articulate and recommend any proposed controls to senior management based on compliance requirements and pragmatic needs
• Demonstrable, strong people leadership and management skills, proven track record of building and leading high performing teams. Solid experience that ranges from ensuring that high performers are engaged and challenged to ensuring that underperformance is managed
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to department members
• Ability to influence BUs outside of their direct control to achieve best security outcomes for organisation
• Ability to effectively prioritise and execute tasks in a high-pressure environment