OUR STORY
At ST, we believe in the power of technology to drive innovation and make a positive impact on people, business, and society. We are a global semiconductor company, and our advanced technology & chips forms the hidden part of the world we live in today.
When you join ST, you will be part of a global business of more than 115+ nationalities and present in 40 countries, 50,000+, diverse and dedicated creators & makers of technology around the world!
Developing technologies takes more than talent: it takes amazing people who understands collaboration and respect. People with passion and desire to disrupt the status quo, push boundaries and drive innovation – whilst unlocking your own potential.
Do you thrive on building secure and resilient information systems? Are you passionate about staying ahead of evolving cyber threats? If so, we want to hear from you!
ST is seeking a talented and motivated Site Information Security Officer for the site of Muar. You will play a key role in safeguarding our digital and industrial solutions and ensuring compliance with cybersecurity regulations and industry standards.
The purpose of the job is to ensure that local information security risks are identified and managed, and that the company information security framework is implemented at the site. This involves improving cybersecurity awareness, participating to cybersecurity incident management or ensuring that site services and local IT/industrial solutions are properly managed for security.
Main responsibilities:
- Cybersecurity assurance: run regular security reviews at the sites to ensure compliance with ST policies and procedures.
- Manage local cybersecurity risks: leveraging on your cybersecurity expertise, identifying and assessing security risks, documenting them in the site infosec risk register, and following their treatment.
- Run quarterly meetings with site management to share the cybersecurity posture of the site and agree on the prioritization of actions.
- Be the cybersecurity interface for local certification, regulatory or customer audits.
- Third-party risk management: ensure that selection and management of local suppliers follows the cybersecurity rules.
- Promote a strong security culture at the site, running impactful campaigns to raise users’ awareness on cybersecurity risks and expected behavior.
- Support the CyberSOC/CSIRT in the management of local cybersecurity incidents.
- As the cybersecurity technical reference contact for the sites, that ensure local IT solutions comply with the cybersecurity framework and the technical architecture of the cybersecurity zoning at the sites.
- Perform day-to-day cybersecurity operations that require an assessment, such as supporting the preparation of security exception requests, reviewing requests for services requiring Site Infosec Officer approval, or participating to IT CAB(s) to ensure right placement in cyber security zones.
Skills:
- 5+ years’ experience covering several cybersecurity domains.
- Ability to cover the entire scope of cybersecurity.
- Expertise in several cybersecurity domains (such as network, system, application, incident management, awareness, vulnerability management, audit and risk assessment…).
- Master in cybersecurity, IT or equivalent experience.
- Language spoken at the site is a must.
- Fluency in English within a professional context (written and spoken).
- Security certification (such as CISSP, CISM) is a plus.
Soft Skills:
- Excellent communication and influence skills, to interact with people at all levels of the organization
- Ability to translate technical aspects into risks and communicate clearly on those risks
- Strong integrity, rigor and proactivity is a must.
Working at ST means innovating for a future that we want to make smarter, greener, in a responsible and sustainable way. Our technology starts with you. Join us and start the future!
To discover more, visit st.com/careers