• Provide leadership and oversight by setting the direction, strategy, deliverables, and operating model for the Application Security focused on assessments and testing function
• Own the definition, implementation and ongoing maintenance of service roadmaps to ensure a fit for purpose service, organisation, processes and tools are in place to support the delivery of the team’s appsec operational objectives
• Act as the thought leader for Application Security and ensure the service stays on par/ahead of competitive and industry trends
• Institutionalize “security as code” practices across the CTO teams through advocacy, training and team-based coaching engagements with shift left as a core aim
• Overall responsibility for Application Security Testing services covering Code Security Reviews (SAST), Mobile Application Security Reviews, Software Composition Analysis, Web Application Scanning (DAST), Developer Security Enablement and Application Penetration Testing
• Lead complex and global application security improvement efforts that work across business functions
• Plan and manage the financing of the Application Security Testing service within the applicable budget framework
• Ownership of the Application Security Testing catalog content (including service fact sheets, service descriptions, service level objectives, etc.)
• Provide leadership over the operation of Application Security tools, 
• Plan and execution of scanning and testing, researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting results
• Responsible for establishing and managing an Advanced Security Testing lab, which will be leveraged to deliver application security testing through a robust testing methodology and process
• Ensure Application Security Testing services are agile to cater for testing requirements for DevSecOps and cloud-based environments
• Develop and advocate the use of automated testing tools and processes, standardized frameworks and standards to enhance the agility and effectiveness of application security services
• Responsible for establishing and operating a quality assurance process to assure the quality of third parties engaged by the Grab occasionally for regulatory purposes, to deliver an Application Security overview

Skills: AppSec Strategy, Security Testing, DevSecOps Integration, Vulnerability Analysis, Tool Management, Budget Planning, Automation Advocacy, Quality Assurance

• Own the strategy and execution for the global application security program responsible for quantifying and advancing the security of applications and development practices
• Lead and direct a global application security program responsible for all secure SDLC controls (SAST, SCA, DAST, etc), defining secure application architecture standards, and threat modeling
• Collaborate with development and DevOps teams to drive “shift left” initiatives and build a global SecDevOps practice across the application inventory
• Design and deliver a comprehensive, continuous reporting capability depicting the overall security posture of products based on secure SDLC control data, infrastructure/service vulnerabilities, and the state of authentication/authorization mechanisms
• Lead the development and implementation of an API security program
• Lead cross-functional cybersecurity initiatives to ensure that appropriate controls are in place to protect vulnerable applications from external and insider threats
• Develop metrics as part of an OKR framework to measure both the security of development practices and the effectiveness of the application security program
• Ensures that application security-related contract and compliance requirements are satisfied collaterally and efficiently by the execution of the application security program
• Promote a highly collaborative work environment that allows for creative approaches to highly complex and technical challenges
• Manage vendor relationships that provide services or technologies specific to application security
• Produces and maintains policies and standards related to application security

Skills: AppSec Strategy, Secure SDLC, DevSecOps Practice, API Security, Threat Modeling, Compliance Management, Security Metrics, Vendor Management

• Set security strategy and best practices for cloud security, working with the Cloud Security Architects
• Managing a team of highly experienced and motivated engineers to achieve the OKRs
• Work with engineering teams/SRE/DevOps to create a suitable strategy for the adoption of security as part of the CI/CD pipeline and SDLC
• Identify manual processes and improve through automation
• Ensure security best practices are followed at every level and provide solutions to improve existing processes
• Be involved in the design and subsequent implementation of software and service infrastructure
• Hire and mentor exceptional DevSecOps engineers
• Define or drive the maturity of Information Security Management Systems and Security Roadmaps for large enterprises
• Consult VP and C-level stakeholders on security solutions and enterprise security programs and manage those relationships
• Define Security Programs in some of the following domains - Cloud Security, Application Security
• Conduct Security assessments for enterprises, for cloud/hybrid workloads
• Orchestrate the discovery process together with Security Architects
• Lead sales process, prepare RFP/RFI responses
• Manage a team of security consultants and architects
• Consult client leads from engineering, infrastructure, development, database, and security teams on security topics

Skills: Cloud Security, DevSecOps Leadership, CI/CD Security, Process Automation, Infrastructure Design, Security Roadmap, Stakeholder Consulting, Security Assessment

• Responsible for the independent safety oversight of all aspects of flight safety, ground safety and cabin safety
• Responsible for the operational risk management of all safety and security-related matters
• Responsible for managing the SMS coordinator interface with the Operational BUs
• Responsible for the performance of the accident prevention and flight safety program, and for ensuring communication and coordination with appropriate operational managers
• In charge of the Company Accident Investigation Team (CAIT) - investigate incidents, serious incidents and accidents
• Develop a Safety and Security Strategy to ensure safe and secure airline operations
• Develop a Safety and Security Policy and approve standards
• Ensure the airline SMS and SeMS remain effective and compliant with all related regulatory requirements
• Ensure ongoing implementation and maintenance of the CX Security Program (CXSP / AOSP)
• Ensure the implementation of effective safety and security controls to maintain the safety and security of CX operations, assets, passengers and property, system-wide, daily
• Provide safety and security leadership by facilitating, developing, coordinating and promoting safety and security awareness and recognition initiatives
• Ensure that an effective working relationship is maintained with the Aviation Regulatory bodies with regard to all safety matters
• Develop and manage the air/ground/cabin safety/security reporting programmes
• Ensure that data-based risk and trend analysis and proactive risk assessment are conducted
• Continually review the Airline’s Safety / Security objectives, Safety / Security Performance Indicators and Safety / Security Performance Targets on an ongoing basis

Skills: Flight Safety Oversight, Risk Management, Safety Strategy, Accident Investigation, Regulatory Compliance, Safety Program, Risk Assessment, Data Analysis

• Ensure the company excels in all areas of Health, Safety and Security, and seek innovative ways to raise the performance bar
• Provide leadership and guidance on all HS&S governance for the business and take the lead on business continuity planning
• Establish and promote a public safety strategy with a strong communication plan to ensure the safe management of all customers and spectators
• Create and develop an HS&S strategy that goes beyond compliance and ensures a compliant and vibrant, healthy and safe working culture is embedded in day-to-day operations
• Ensure policies and procedures in place are up to date and are applied in daily business
• Continuously challenge, test and improve the Health, Safety and Security programme, policies and procedures
• Through effective threat vulnerability risk assessments, develop and implement a security strategy, with a clear and effective structure and communication plan
• Ensure the security risks are proactively managed, presenting the company as a security exemplar and event industry leader
• Lead and manage health, safety and security for new projects and programmes across the sites and play a vital role in providing governance for the safety management systems and control standards being delivered
• Continue to reduce the accident and incident rates across the sites
• Support the site's operational teams in ensuring there is no complacency concerning Health, Safety and Security risk
• Drive a culture of shared learning across the sites to ensure all sites operate at an improved standard across Health, Safety and Security

Skills: Health Safety Strategy, Risk Assessment, Policy Compliance, Security Governance, Incident Reduction, Safety Communication, Program Improvement, Culture Development

• Ability to lead and inspire cross-functional, interdisciplinary teams
• Very good understanding and practical experience in risk management and deploying vulnerability management processes
• Knowledge of information security management frameworks, such as ISO/IEC 27001 and NIST
• Good understanding of all current legislation and regulations about Proton
• Strong infrastructure and software engineering understanding
• Able to lead from the front, be hands-on, and have a strong work ethic
• Must have a startup mindset (pragmatic, adaptive, energetic, and efficient)
• Strong bias towards action and execution
• Solid network in the security field
• Experience in engaging with and influencing senior leaders and board members
• Outstanding project management and organizational skills
• Exceptional communication and interpersonal skills

Qualifications: BA in Public Administration with 4 years of Experience

• Proficient in Microsoft Office – Excel, PowerPoint, Word, Email, Internet etc.
• Proficient in Google Office Suite – Google Drive, Google Sheets, Google Docs, Gmail, etc.
• Working experience in warehouse management, security, logistics/supply chain, e-commerce, and consulting 
• Experience in security/loss prevention management
• In-depth knowledge of performance metrics
• Experienced in monitoring and situation evaluation
• Attention to detail and a high level of accuracy and precision
• Excellent communication and leadership, organizational and time-management skills
• Strong problem-solving and analytical skills
• Ability to make quick and smart decisions under pressure
• Working experience in security and protection services, with sector-specific experience in mining
• Proven track record in developing policies, procedures and SOPs

Qualifications: BA in Security Management with 6 years of Experience

• Strong analytical and data gathering skills, excellent verbal and written communication, high attention to detail and exceptional problem-solving ability
• Good understanding of security management statutory obligations, requirements, and dynamics
• Strong knowledge of and experience with one of Azure, AWS, or GCP, with exposure to at least one other major cloud provider
• Strong knowledge of and experience with security monitoring and observability (SIEM) systems (Splunk/Azure Sentinel/etc.)
• Prior experience working with security operations teams across non-production and production environments
• Prior experience of working with modern cloud-native systems within scaled production environments
• Exposure to technical leadership, project management, and agile development
• Proficiency with any of the following - Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics and Network Forensics
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform
• Understanding of mobile technology and OS (i.e., Android, iOS, Windows) and Unix and basic Unix commands
• Strong understanding of web application security and AWS
• Able to troubleshoot and debug issues, and demonstrate a methodical approach to root cause analysis
• Familiarity with configuration management tools

Qualifications: BA in Public Safety Administration with 8 years of Experience

• Must have CISA, CRISC, CISSP, CIPP, CIPM, CIPT, or other professional certification
• Experience with or working knowledge of Amazon Web Services
• Experience with or working knowledge of AliCloud
• Experience helping IT organizations understand compliance requirements, evidence gathering requirements, and implementing compliance-related processes and tools
• Foundation in Pharmaceutical GxP and ICH frameworks
• High-level understanding of best practices in security, policy creation, and risk management
• Experience of working in a globally oriented team on enterprise infrastructure and security
• Ability to read and write code in Python and JavaScript
• Strong written and verbal communication skills, attentive to details
• Proven leadership and organizational skills with a practical, operational sense
• Able to be effective at developing internal and external partnerships
• Have experience as a liaison with international, federal, state and local first responder agencies
• Strong financial skills, including the ability to write business cases and determine ROI
• Demonstrable experience of educating technical SMEs around writing secure software and a clear understanding of the latest best practices in this area
• Exhibit exemplary and unquestionable personal integrity and moral compass

Qualifications: BA in Political Science with 7 years of Experience

• Experience securing cloud software services and an understanding of design for scalability, performance, and reliability
• Knowledge in cloud platform technologies such as Amazon's VPC, Elastic Load Balancing, Global Accelerator, Transit Gateway, Security Groups
• Knowledge of security and privacy-related industry standards and frameworks (e.g., SOC, ISO 27001/2, NIST 800-53, NIST CSF, CSA CCM) 
• Demonstrated understanding of security technologies at scale
• Demonstrated ability to make tradeoff decisions that balance risk with reward in security and privacy
• Ability to negotiate with and influence multiple cross-functional teams, including Product, Engineering,
• Leadership skills to navigate ambiguity and pressure to drive results
• Experience with vulnerability scanning solutions
• Previous Cloud Security experience, ideally on Azure Cloud
• Experience with dealing with Containers, Kubernetes and Serverless Security
• Experience with security and control frameworks (NIST CSF, ISO27001, CIS CSC 20, MITRE ATT&CK) and experience mapping control frameworks to security practices
• Excellent written and verbal communication skills
• Working knowledge of implementing and maintaining industry standards such as NIST, PCI-DSS, GDPR, and ISO 27001
• Experience as a Head of Information Security / Cyber / CISO within a small/medium organisation with a strong digital presence

Qualifications: BA in International Relations with 6 years of Experience