Information Security Strategy Lead

A leading global technology-driven organisation in Bangkok is seeking an accomplished Information Security Strategy Lead to champion the implementation, governance, and ongoing enhancement of information security and digital resilience across a complex environment. This pivotal role offers you the opportunity to shape the future of cyber risk management, regulatory compliance, and operational resilience while working closely with senior leadership and key stakeholders.

What you'll do:

As an Information Security Strategy Lead based in Bangkok, you will be entrusted with advancing the organisation’s overall cyber resilience by developing robust frameworks that underpin every aspect of its technology landscape. Your day-to-day responsibilities will involve close collaboration with senior executives to ensure that all facets of information security governance are seamlessly integrated into business operations. You will conduct in-depth assessments to uncover vulnerabilities while facilitating forums that bring together diverse stakeholders for shared decision-making. By providing expert advice on best practices across multiple projects and operational areas—and overseeing risk management processes—you will play a vital role in maintaining compliance with ever-evolving regulations. Your efforts in promoting awareness through training initiatives will further embed a culture of vigilance throughout the organisation. Additionally, your ability to evaluate third-party providers’ controls ensures that external partnerships align with stringent internal standards. Through regular reporting to leadership teams on compliance status and risk exposure—and by supporting audits—you will help drive continuous improvement in digital resilience.

• Lead the design, implementation, and continuous improvement of enterprise information security frameworks, policies, standards, and procedures to ensure robust protection across all technology services.
• Ensure full compliance with applicable regulatory requirements, internal policies, and industry-recognised security frameworks by monitoring adherence across projects and business operations.
• Conduct thorough security assessments to identify control gaps and develop actionable remediation plans that address emerging information security risks within the organisation.
• Facilitate effective information security governance forums, steering committees, and management review meetings to drive alignment on strategic priorities.
• Serve as the primary point of contact for all information security-related matters with internal stakeholders, customers, vendors, auditors, and business partners.
• Provide expert consultation and guidance on information security best practices across projects, operational activities, and strategic initiatives to support business objectives.
• Oversee comprehensive information security risk management activities including risk assessments, treatment plans, exception management processes, documentation of deviations, monitoring progress, and ensuring timely remediation within established governance structures.
• Evaluate the effectiveness of existing security controls across both internal services and third-party providers to maintain high standards of protection.
• Promote a culture of information security awareness through targeted communication campaigns, training programmes, stakeholder engagement activities, and executive-level reporting on compliance status and risk exposure.
• Support internal and external audit activities by preparing detailed reports on security posture while contributing to regional and global governance initiatives.

What you bring:

To excel as an Information Security Strategy Lead in this forward-thinking organisation based in Bangkok you will bring substantial experience from previous roles focused on cybersecurity governance or IT risk management within complex environments. Your academic background—supported by relevant professional certifications—will provide a solid foundation for navigating intricate regulatory landscapes while your practical expertise enables you to implement effective frameworks that safeguard critical assets. You will have demonstrated success building consensus among diverse groups through clear communication strategies tailored for both technical & non-technical audiences alike. Your analytical abilities allow you to assess risks holistically while your attention-to-detail ensures no vulnerability goes unaddressed. A collaborative spirit underpins your approach as you work closely with colleagues across departments—fostering trust & understanding at every level. Above all else your passion for continuous improvement drives you not only to meet but exceed expectations when it comes to protecting organisational interests.

• Bachelor's or Master's Degree in Information Security, Cybersecurity, Computer Science, Information Technology, Risk Management or related discipline is required for this position.
• Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO 27001 Lead Auditor/Implementer or PCI DSS-related credentials are highly desirable.
• At least eight years’ experience working within Information Security Governance or Cybersecurity functions—ideally within large-scale technology environments—is essential for success in this role.
• Demonstrated expertise implementing enterprise-wide information security frameworks alongside proven ability managing compliance programmes aligned with regulatory requirements such as ISO 27001 or NIST standards.
• Extensive background conducting rigorous risk assessments coupled with hands-on experience developing remediation plans addressing identified control gaps is expected.
• Experience managing third-party vendor risk assessments—including contract documentation review—and ensuring ongoing compliance with organisational requirements is important.
• Familiarity with audit management processes including remediation tracking; experience preparing detailed compliance reports for both internal/external stakeholders is advantageous.
• Exceptional communication skills—both written & verbal—in English are necessary given frequent interaction with senior executives & cross-functional teams globally.
• Strong analytical mindset combined with attention-to-detail; ability to influence outcomes through collaborative stakeholder engagement is valued highly.
• A proactive approach towards problem-solving; results-oriented attitude; high degree of integrity & commitment towards upholding governance standards are key attributes sought after.

What's next:

If you are ready to take your career in information security strategy to new heights while making a tangible difference within a supportive global environment—this is your moment!

Apply today by clicking on the link provided—your next exciting challenge awaits!

Due to the high volume of applications, our team will only be in touch if your application is shortlisted.

Robert Walters Recruitment (Thailand) Limited
Recruitment License No.: น. 1188 / 2551