Joyson Safety Systems is a global leader in Mobility Safety, serving automotive clients across the Americas, Europe, and Asia. Our commitment to data integrity, cybersecurity, and information security is fundamental to protecting our data and ensuring system integrity worldwide.
Position Overview:
We are seeking a Regional Information Security Officer (RISO) to oversee Joyson Safety Systems’ regional information, cyber, and technology security initiatives. This critical role will shape the vision, strategy, and program to protect information assets and technologies throughout the region. Reporting to the Global Information Security Officer, the RISO will collaborate with regional IT leaders on security policy development, risk management, cybersecurity planning, disaster recovery, and business continuity initiatives.
Key Responsibilities:
Strategic Leadership and Vision:
- Drive the design, implementation, and monitoring of a comprehensive information security, compliance, and IT risk management program.
- Advise leadership on infrastructure, solutions, and processes to enhance JSS’s cybersecurity resilience and response.
- Improve JSS's overall cybersecurity profile to mitigate business risks and support value management.
Risk Management and Compliance:
- Identify, evaluate, and report on information security risks to meet compliance and regulatory standards.
- Lead a culture of cybersecurity awareness and adherence to regional and global policies and regulations.
- Oversee Governance, Risk, and Compliance (GRC) strategy, in alignment with global policies and reporting.
Technical Security Operations:
- Support the establishment and ongoing management of a cybersecurity incident response plan and disaster recovery plan.
- Coordinate the deployment of security technologies and collaborate with the Security Operations Center (SOC) to enhance incident response processes.
- Develop and continuously test Security Incident Response Procedures to align with regional needs and resources.
Institutionalize Information Security:
- Collaborate on security strategies for application architecture and vendor management, ensuring ongoing compliance.
- Implement and oversee internal audit controls, reviews, and operational processes to support annual mandatory audits.
- Create and manage KPIs for communicating cybersecurity risks effectively to business leaders.
Communication and Reporting:
- Maintain clear communication with stakeholders on cybersecurity strategies and present relevant updates.
- Prepare detailed reports for business and IT stakeholders.
Additional Responsibilities:
- Supervise direct reports supporting the System Access Request (SAR) Program and other RISO functions.
- Respond to cybersecurity assessments, questionnaires, and audits.
- Support internal and external audits and compliance investigations.
- Coordinate with global SOC to manage security incidents and improve response efficiencies.
- Execute protection and recovery procedures, conduct risk assessments, and identify process improvements.
- Drive a "Security First" culture in collaboration with global and regional IT and non-IT teams.
Required Skills and Qualifications:
- Experience with a risk-based cybersecurity approach, with knowledge of computing, applications, infrastructure, networks, telecommunications, and cloud architecture.
- Strong interpersonal, management, and analytical skills, with expertise in problem-solving and effective collaboration across teams.
- Hands-on experience in creating and implementing GRC policies and solutions (OpenPages preferred).
- Extensive knowledge of information security, IT risk management, and applicable audit and compliance frameworks (e.g., C-SOX, NIST CSF, SOX, TISAX, ISO 27001).
- Technical proficiency in information security solutions, including Endpoint Detection and Response (EDR), SIEM, Zero Trust, IAM, and vulnerability management.
- Microsoft Security and M365 Suite experience required.
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (Master’s degree preferred).
- At least one recognized information security certification (CISSP, CISM, etc.) is strongly preferred.
- Minimum of 5 years in professional risk management, information security, or IT leadership roles (including people management).
- Proficiency in English and a primary regional language is required.
- ServiceNow ITSM experience is preferred.
Why Join Us?
Be part of a forward-thinking global company committed to safety, security, and innovation. Joyson Safety Systems offers a collaborative environment where you can drive impactful cybersecurity initiatives and shape the security posture of a global leader in automotive safety.
Ready to Apply?
Join our team and help us protect the future of mobility safety. Apply today!