IT Security Leader

Take a step forward and let Edenred surprise you.

Every day, we deliver innovative solutions to improve the life of millions of people, connecting employees, companies, and merchants all around the world. 

We know there are hundred ways for you to grow. With us, you will expand your skills in a multicultural, challenging, and dynamic environment. 

Dare to join Edenred and get ready to thrive in a global company that will offer you endless opportunities.

Edenred is all about meritocracy. You come as you are, and you contribute. Indeed, the Edenred Group recognizes, recruits and develops all talents and singularities.

We are committed to preventing all forms of discrimination and to providing all our candidates with equal opportunities regardless of their gender and gender expression, disability, origin, religious belief and sexual orientation or any other criteria.

Edenred Taiwan, as part of complementary solutions business line, began investing in and building a digital e-ticket network in Taiwan in 2010. Under the "Instant Voucher" brand, it integrates with major department stores, high-volume restaurant chains, and numerous enterprise platforms and e-commerce channels. Over the years, the company has focused on the development of e-tickets, accumulating numerous invention patents and issuing over 250 million e-tickets to date.

The Global IT Security Department at Edenred defines and leads cybersecurity strategy and programs via an international cybersecurity unit. It is also responsible for ensuring that the policy is properly implemented and applied, by defining and deploying a reference framework, preventive and corrective security measures, an organizational structure and technical solutions for crisis management, and regular security checks in all of the Group’s host countries.

• YOUR ROLE

The IT Security Leader will be responsible for IT Security & Resiliency of Edenred Taiwan. This position reports to the business line CISO (direct report, in Paris) and Edenred Taiwan CTO (dotted line).

He/she will work with local teams, in Taiwan and APAC region, collaborate and be supported by Group teams based primarily in Paris and Bucharest which provide expertise, processes and solutions for all cybersecurity domains.

Key Responsibilities

He/she will:

• Steer local cybersecurity governance (KPIs/KRIs, programs, committees, roadmap, budget)
• Manage and coordinate local ISO 27001 certification efforts to ensure successful renewal
• Partner with product/engineering teams to identify, assess, prioritize, and mitigate security risks
• Do threat modelling and security reviews early in the design process of products/platforms
• Work with and train development teams to integrate security best practices into SDLC
• Contribute to security audit, alert and incident response related to products and platforms
• Orchestrate IT security controls execution (e.g., scans) and ensure findings remediation
• Stay up to date with the latest security trends, vulnerabilities, and mitigation techniques

He/she will also bring a 1st level of support to other(s) BU(s) in APAC region collaborating with cybersecurity peers when needed to ensure continuous support to operations.

Qualifications

The successful candidate will be an information security professional motivated by business understanding and strong interest in product security, with a proven and successful experience in implementing security by design in strategic projects in conjunction with business and IT leaders.

He/she has a 5+ years’ experience in a similar function, or in application/product security roles. He/she is graduated from bachelor’s degree in information technologies, IT security or similar.

Key qualifications:

• Excellent communication with ability to convey complex security concepts to all
• Adaptation to the audience and anticipation of issues, preparing for possible resistance
• Strong analytical and problem-solving abilities and attention to detail
• Proactive and solution-driven, with advanced organizational skills
• Capacity to pick the right battles and increase efficiency through automation
• Team spirit and agility, working closely with various experts to achieve shared objectives

Technical skills:

• Robust technical skills for in-depth understanding of any technical aspect needed
• Strong knowledge of secure coding practices, design patterns and common vulnerabilities
• Experience in performing threat modelling, architecture/design and security assessments
• Proficiency in leading cybersecurity governance and committees

The candidate will be result-oriented with a can-do attitude, capable of persuading and influencing others in the organization to recognize that security is paramount and not an option.

Languages required: fluent in oral and written English and Chinese (Mandarin)

Nice to have-

• Experience with payment security and fraud prevention
• Experience with ISO 27001 certified environments, (re-)certification maintenance/process
• Experience in matrix and international IT organizations
• Experience with cloud-native security (Azure, AWS, GCP)
• Relevant certifications: ISO 27005 Risk Manager, ISO 27001 Implementor, CISSP, CEH, …

Apply now and Vibe with Us!