Enable America Jobs

Position Overview:

The Information Security Officer, GCM at The Coca-Cola Company will be a part of the Global Cybersecurity function under the Regional Information Security team. In this role you will lead or be a key coordinator of security initiatives to improve the security posture of the Greater China Operating Unit (OU), Concentrate Plant (CPS) Operations and Franchise bottlers and partners located in the territory. The successful candidate will deliver this mission by understanding the Global Cybersecurity strategy and roadmap and executing it through cross-functional collaboration across Technology Services' Global Delivery, Global Cybersecurity, Privacy, Security Operations, and franchise bottler and partner IT teams, thus delivering measurable results for The Coca-Cola System in the GCM OU. The successful delivery of your responsibilities will ensure that the programs, services and solutions within the Company are delivered securely to achieve their business goals. The position will report to the Senior Director, Regional Cybersecurity Operations based out of Singapore.

Function Specific Activities:

Function Related Activities/Key Responsibilities

(b) Operating Unit Support (Mainly GC&M)

• Support and maintain relationships with key IT and business leadership and stakeholders across your supported business units.

• Promote company security requirements and guidelines to IT stakeholders and ensure they have the knowledge to apply them appropriately.

• Understand and communicate key Global Cybersecurity activities across supported business units, such as cybersecurity awareness and incident response. In particular, act as an extension of the corporate cybersecurity team and coordinate similar activities at GC&M to help bridge time zones.

• Understand and support key business and IT strategies across your supported business units.

• Understand and support the delivery of key applications and programs within your supported business units.

(c) Franchise Bottler Engagement

• Assist the APAC Regional Information Security Officer to maintain relationships with key security and IT executives at bottlers in GC&M.

• Support the business and IT strategies at each bottler in your geography.

Corporate Liaison

• Develop and maintain relationships with key IT and business leadership and stakeholders at GCM.

• Understand and support key business and IT strategies in TCCC's Digital & Technology Services and Global Cybersecurity and facilitate alignment across the operating unit.

• Understand and provide support on technological requirements of data privacy regulations applicable to the in-scope operating units.

Education Requirements:

• Bachelor's Degree in Computer Science, Computer Engineering or other appropriate field Required.

• Relevant industry certifications are preferred, such as CISSP and/or CISM, CISA, and other established security-related certifications. Azure-related Professional Certifications and/or MCSE: Cloud Platform and Infrastructure. Privacy-related certifications are encouraged.

Related Work Experience:

• Minimum of 10 years of work experience in governance, risk, compliance and cloud security or relevant related field. Of the accumulated work experience, it is preferable to have at least 3 years of cloud (e.g. Azure, Alicloud, Aws) operation support working experience. Cloud administration certification is preferred.

• Work experience and familiarity with China cybersecurity and data security/privacy regulatory requirements, including but not limited to Multi-level Protection Scheme (MLPS) certification, cross-border data security attestation, cybersecurity inspection, and others.

• Familiarity with the leading cloud technologies, e.g., different AI solutions, IOT, HDInsight, DB PaaS, cloud storage, etc. In particular, a technical understanding of Microsoft Azure security, AI, and infrastructure would be preferable.

• Technical experience designing, implementing, and/or supporting enterprise technology solutions.

• Technical experience identifying and mitigating risk using comprehensive security controls and technologies.

Functional Skills:

• Participate in cross-functional teams to promote technology strategies, analyze and test products, or perform pilot and first implementations of new technologies to integrate them into the Company's Global infrastructure.

• Deliver standards-related training or architecture updates (e.g., hardware, methodology, software packages, business data, security, retention, delivery methods, and tools) to stakeholders (e.g., stewards, custodians, application teams) to ensure standards compliance and quality master data.

• Create a communications plan (e.g., memos, letters, plan review meetings, status lists) to ensure frequent, accurate, and timely communication with all stakeholders and solidify commitment to the project plan.

• Perform and evaluate risks of cybersecurity-related observations arising from security activities, including security and vendor assessments.

• The ability to communicate confidently, adapt to different contexts, and engage effectively with senior leadership.

• Native Chinese speaker with good command of the English language.

Job Requirements:

Education: Bachelor's degree or University (Required)

Growth Behaviors:

• GROWTH MINDSET: Demonstrates curiosity. Welcomes failure as a learning opportunity.

• SMART RISK: Makes bold decisions/recommendations.

• EXTERNALLY FOCUSED: Understands the upstream and downstream implications of his/her work. Tracks and shares external trends, best practices, or ideas.

• PERFORMANCE DRIVEN AND ACCOUNTABLE: Has high performance standards. Outperforms her/his peers.

• FAST/AGILE: Removes barriers to move faster. Experiments and adapts. Thrives under pressure and at a fast pace.

• EMPOWERED: Brings solutions instead of problems. Challenges the status quo. Has the courage to take an unpopular stance.

Skills:

Cybersecurity Controls; Information Security Risk Management; IT Problem Solving; IT Security Auditing

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class.