Epicareer Might not Working Properly
Learn More
Please Turn on your JavaScript

Epicareer might not working properly because your browser javascript is turned off.

What is JavaScript?

JavaScript is like the magic behind making websites interactive. Basically, it makes Epicareer more enjoyable and engaging.
How do i turn this on?
Find tutorial for your browser below :
  1. Make sure the webpage is open.
  2. In the Safari app on your Mac, choose Safari > Preferences, then click Security.
  3. Make sure the Enable JavaScript checkbox is selected.
  4. Click Websites.
  5. On the left, click Content Blockers.
  6. Make sure Off is chosen in the pop-up menu next to the website.
  7. On the left, click Pop-up Windows.
  8. Make sure Allow is chosen in the pop-up menu next to the website.
Visit Site here
  1. Open Chrome on your computer.
  2. Click. then Settings.
  3. Click Privacy and Security.
  4. Click Site settings.
  5. Click JavaScript.
  6. Select Sites can use Javascript.
Visit Site here
  1. If you're running Windows OS, in the Firefox window, click Tools > Options.
  2. Tip: If you're running Mac OS, click the Firefox drop-down list > Preferences.
  3. On the Content tab, click the Enable JavaScript check box.
Visit Site here
  1. Click the "Settings and more" icon at the top right of the Edge browser window.
  2. Click Settings.
  3. From the Settings menu, click Cookies and site permissions.
  4. Scroll down and click on JavaScript.
  5. In the JavaScript window, toggle the slider to "on" or "allowed."
  6. Close the Settings tab.
  7. Refresh the page.
Visit Site here
  1. Go to Settings.
  2. Click Advanced in the left sidebar, and click Privacy & security.
  3. Under Privacy and security, click Site settings.
  4. Click JavaScript.
  5. At the top, turn on or off Allowed (recommended).
Visit Site here
Any Question? Contact us
logo
Jobs or company...

Lead, TPRM Risk and Compliance

Salary undisclosed

Apply on

Linkedn
Original
Simplified
The Estée Lauder Companies is the global leader in prestige beauty — delighting consumers with transformative products and experiences, inspiring them to express their individual beauty. We are the only company focused solely on prestige makeup, skin care, fragrance, and hair care with a diverse portfolio of 25+ brands sold in approximately 150 countries and territories. Infused throughout our organization is a passion for creativity and imagination — a desire to push the boundaries and invent the unexpected — as we continue the bold work of our founder Estée Lauder.

Who We Are

Do you want to be part of the team catalyzing digital innovation, harnessing the power of data, and transforming the fabric of security across the world’s most prestigious beauty, skincare, and luxury fragrance brands? Then join the information security and technology team, Enterprise Cybersecurity & Risk (ECR) at Estée Lauder Companies (ELC). The ECR team fuels cyber-defense, technology excellence, risk and compliance, and global resilience. We stay on the forefront of cyber threats to deliver fit for purpose tools, technologies, and processes that protect ELC’s business operations and empower secure strategic growth. If you thrive in change rich entrepreneurial environments, then this is the team for you. From our fast-paced delivery plans to our global team expansion, this is an exciting time to join us!

What You’ll Do

The ECR Manager, Risk and Compliance will drive Compliance initiatives, including evaluation of IT-related risks, assessment of control effectiveness, and control owner achievement of effective control environments for continued compliance. This role necessarily deals with highly confidential and sensitive information, and the role is expected to both define appropriate handling of such information for the enterprise and to implement best handling practices.

You Will Be Responsible For
  • Partner with TPRM program key stakeholders to ensure the appropriate due diligence is conducted based on global and regional compliance requirements.
  • Ability to understand details of vendor’s cybersecurity program and identify where gaps exist with internal company policy requirements.
  • Cybersecurity technical expertise to review vendor attestations (e.g., SOC1/SOC2, Vulnerability Scan, Penetration Testing, PCI DSS, ISO 27001, etc.) and identify potential gaps or control weaknesses.
  • Familiarity with China Privacy Laws and Cybersecurity regulations such as Personal Information Protection Law (PIPL), Data Security Law (DSL), Multi-Level Protection Scheme (MLPS) 2.0, and Cybersecurity Law of China (CSL).
  • Familiarity with Frameworks such as NIST CSF, OWASP10, ISO, ITIL and CMMI.
  • Familiarity with SaaS and COTS based applications and the unique risks associated with each use case.
  • Awareness of emerging cybersecurity threats including zero-day vulnerabilities, supply chain, and iOT related risks
  • Ability to clearly articulate the potential implications of cybersecurity risks to less technical users.
  • Update IT policies, standards, and Standard Operating Procedures.
  • Ability to triage use cases and prioritize due diligence activities based on the vendor’s inherent risk profile.
  • Ability to effectively communicate (verbal and written) technical subject matter clearly and succinctly in both Chinese and English
  • Produce risk assessment reports and effectively communicate and collaborate with vendors to implement remediation responses.
  • Effectively collaborate with cross-functional, interdisciplinary teams, such as Procurement, Supply Chain, R&D, Legal and Privacy to conceptualize and require contract security provisions for remediation of risk identified in vendor assessments specific use cases and third-party engagements.
  • Experience with industry-recognized Cybersecurity and Governance, Risk and Compliance (GRC) systems and applications such as Process Unity, CyberGRX, BitSight and Recorded Future along with familiarity with Shared Assessment methodology.
  • Able to develop effective, collaborative relationships with all levels of internal and external stakeholders.

Qualifications

Who You Are
  • Practical experience in technology risk and control or IT audit, including experience in project governance/management and understanding of business processes, key IT risk/controls, organizations, markets, retail, and/or manufacturing.
  • Strong communication skills, influence/negotiation skills, attention to detail, conflict management experience, analytical skills, and measurement/visualization ideas. Ability to problem-solve, think creatively, challenge the status quo, and manage ambiguity.
  • Ability to communicate complicated or technical information to executives, including proven ability to work both independently and as part of a team, with stakeholders at all levels.
  • Proficient in Microsoft Suite of products including Visio, Excel, Word, and PowerPoint. Proficient in English as a business language.
  • Experience handling, securing, and communicating highly confidential and sensitive information.

Job: Information Technology

Primary Location: Asia Pacific-MY-14-Wilayah Persekutuan

Job Type: Standard

Schedule: Full-time

Shift: 1st (Day) Shift

Job Number: 2412174
Similar Jobs

1d ago

Land Surveyor
AxiCom Sdn. Bhd.
Bandaraya Melaka, Malaysia

Full Time, onsite, onsite

Salary undisclosed