As a Specialist in Strategy & Control at SCBX, you will play a crucial role in supporting the
implementation of the organization's security strategy and control initiatives. You will work closely
with senior team members to contribute to Security Strategy and Group Assessments, Awareness &
Training, and Security Governance & Performance Measurement. Join our team and gain valuable
experience while assisting in strengthening our security posture through effective governance and
control practices.

Responsibilities:

• Conduct comprehensive security assessments across business units and subsidiaries to identify vulnerabilities and areas for improvement.
• Implementation of the subsidiaries’ security strategy in alignment with business goals and industry best practices.
• Collaborate with stakeholders to contribute to security initiatives and assist in developing action plans for risk mitigation.
• Assist in the design and delivery of security awareness and training programs for employees at all levels of the organization.
• Assist in promoting security communication materials to cultivate a culture of security awareness.
• Participate in monitoring and measuring the effectiveness of awareness and training initiatives, providing inputs for continuous improvements.
• Support the establishment and maintenance of effective security governance processes, including policies, standards, and procedures.
• Contribute to monitoring compliance with security governance frameworks and regulatory requirements.
• Monitor key performance indicators (KPIs) and security metrics to measure the effectiveness of security controls and risk management practices.
• Preparing reports and presentations for senior management and relevant stakeholders.

Requirements:
To be successful in this role, you should have experience in most of the following:

• 2-5 years of progressive experience in cyber security strategy / assessment area, with a proven track record of driving successful security assessment and governance in large and complex organization.
• Proven experience in conducting security assessments.
• Extensive knowledge of security governance frameworks and best practices such as NIST, ISO27001-2, SoC2.
• Demonstrate a comprehensive understanding of various security domains, including GRC, IAM, Cloud, Data Security, Application Security, and Cyber Defense, while also being familiar with contemporary security concepts such as Zero Trust.
• Experience in designing and delivering security awareness and training programs.
• Relevant certifications such as CISSP, CISM, or equivalent.
• Excellent communication and presentation skills, with the ability to interact with stakeholders at all levels.
• Strong analytical and problem-solving abilities, with a detail-oriented approach to security strategy development.
• Possess excellent written communication skills and the ability to present technical concepts in a clear and understandable manner, making it accessible to executives. Proficiency in creating compelling and concise PowerPoint presentations.
• Demonstrated ability to work effectively as a team player, collaborating with cross-functional teams.