ABOUT THE ROLE
What makes Cognizant a unique place to work? The combination of global and innovative environment creates many opportunities for people like YOU — professionals with an entrepreneurial mindset who want to make a difference globally. The Corporate Security Business Information Security (BIS) team is a global team responsible for ensuring that all security risks on client delivery engagements are managed end-to-end and for establishing trust across a wide variety of engagements. The group frequently engages with business leaders and customers to identify, assess, and mitigate security risks. The team is also the primary interface between the wider Corporate Security community and the business to deliver our security obligations to customers.
Cognizant is seeking Information Security leaders to expand, lead, and manage security governance function across the Asia-Pacific and Japan (APJ) region, particularly within ASEAN region: Singapore, Malaysia, Philippines, Thailand, Vietnam, and Indonesia with potential extension to Greater China region: Mainland China, Hong Kong, and Taiwan. Candidates will have a proven ability in Security Governance, Risk, and Compliance (GRC), Security Engineering & Architecture, and Program Management.
JOB RESPONSIBILITIES:
Security Governance
- Manage and implement Security Governance, Risk, and Compliance (GRC) practices across a wide variety of client delivery engagements within the region, including public sector, telecommunications, retail, and financial services.
- Ensure compliance with regional and international cybersecurity and privacy laws, frameworks, and standards such as International (ISO 27001, NIST CSF, GDPR), Singapore (Cybersecurity Act, CCoP, MAS TRM, PDPA), and China (CSL, DSL, PIPL).
- Work with the Business Information Security Officer (BISO) and affiliated Centre of Excellence (CoE) leaders to ensure organizational practices align with business objectives and the evolving threat landscape.
- Drive alignment with Cognizant, client, and regulatory security policies, standards, and risk management frameworks across all engagements.
Security Risk and Control Management
- Engage with a variety of stakeholders, including business leaders, auditors, customer security officers, legal, HR, and IT teams, to understand security requirements and risk scenarios.
- Apply end-to-end risk management principles guided by business context and risk appetite; identify, assess, treat, and monitor risks.
- Develop security management and data protection plans for key accounts by identifying assets, threat vectors, and defining mitigation strategies and control frameworks.
- Conduct periodic risk and control assessments to evaluate adherence to contractual, regulatory,and internal obligations, and provide implementation plans to close gaps.
Support business and client facing risk discussions and contribute to security clauses, contractual obligations, and risk acceptance processes.
Security Operations and Program Management
- Uplift the security maturity of various parts of the Cognizant business, including subsidiaries and acquisitions, to meet global security policies, standards, and guidelines.
- Manage third-party and client audits/security assessments, including OSPAR, SOC 2 Type I/II, PCIDSS, DPTM PDPA, and ISO 27001; plan scope, schedules, and coordinate evidence collection across corporate functions.
- Assist delivery teams in reviewing Technical Solution Designs and Secure SDLC processes to ensure IT products and services are secure-by-design and aligned with risk appetite.
- Coordinate corporate incident management response and support investigations within definedntimeframes; liaise with customers, regulators, and external stakeholders as required.
- Develop security training and awareness materials and deliver or facilitate awareness programmes.
- Provide leadership reporting, including risk posture, remediation progress, and key security metrics to senior stakeholders.
- Contribute to regional security strategy and continuous improvement initiatives.
JOB REQUIREMENTS
- Must have a Bachelor’s degree or above in a related field or equivalent experience.
- Must hold relevant security certifications such as CISSP, CRISC, or CISA.
- Must have experience managing Information Security functions within a highly regulated environment.
- 10+ years of cybersecurity experience.
- 5+ years of people and/or program management experience.
- Strong knowledge of security frameworks such as ISO 27001, NIST CSF, MAS TRM, and PDPA.
- Experience in attaining certifications or attestations such as ISO 27001, OSPAR, SOC reports, etc.
- Experience with Security/Infrastructure Design, Engineering, or Architecture.
- Experience in Project/Program Management.
- Experience working with government, critical infrastructure, or regulated industry is highly desirable.
- Excellent stakeholder engagement skills.
- Excellent presentation and communication skills, with the ability to convey complex security risks and mitigation strategies in a concise and business-relevant manner.
- Ability to plan both tactically and strategically.
- Deliver outcomes with a sense of urgency while maintaining strong attention to detail.
- Demonstrate pragmatism by recommending risk mitigation strategies that balance cost, risk, and business value.
- Strong collaboration skills and willingness to be a team player, leveraging cross-functional inputs to solve complex problems.
- Willingness to travel (~10%).
コグニザントについて
コグニザント(NASDAQ: CTSH)は、AI Builderおよびテクノロジーサービスプロバイダーとして、お客様にフルスタックのAIソリューションを構築することで、AI投資と企業価値を結ぶ架け橋となっています。業界、ビジネスプロセス、エンジニアリングに関する当社の深い専門知識を活かし、組織固有のビジネス環境をテクノロジー・システムに組み込みます。これにより、人間の可能性を最大限に引き出し、確かな成果を実現するとともに、急速に変化する世界においてグローバル企業が常に一歩先を行くための支援を行っています。 詳細については、cognizant.ai をご覧ください。
雇用に関する追加情報
本募集に記載されている報酬情報は、掲載日時点で正確なものです。Cognizantは、適用される法令に従い、いつでも本情報を変更する権利を留保します。
応募者は、対面またはビデオ会議による面接への参加を求められる場合があります。また、各面接の際に、現在有効な州政府または政府発行の身分証明書の提示を求められる場合があります。
Cognizantは機会均等雇用主です。応募および選考において、人種、肌の色、性別、宗教、信条、性的指向、性自認、国籍、障がい、遺伝情報、妊娠、退役軍人の地位、その他連邦法・州法・地方自治体の法律により保護されるいかなる特性に基づく差別も行いません。







