IT & Data Regional Cybersecurity Manager APAC

Company: Danone

Category: Cybersecurity

Location: Malaysia

Experience: Executive-level

Employment: Permanent contract

Work type (remote): No

About the role

The role is responsible to deliver cybersecurity programs, capabilities and change management in the region. A self‑starter and able to drive transformation in an ambiguous environment. The role will require a sharp and fluid mind to adapt global priorities to regional strategy to enable a secure environment for the employer.

Key responsibilities

  • Be the key cyber contact for the region and manage relationships with the business, IT & DATA and Product Owners.
  • Articulate the value of cyber, understand cyber needs for the region (e.g., preventing and protecting crown jewel data and critical systems from cyber threats).
  • Provide subject matter advice, guidance and counsel for key stakeholders and accountable for driving cybersecurity in the region.
  • Drive cyber capability uplift for the region in line with central capabilities and work with the Zone Cyber lead and CISO team to drive change in the region.
  • Define regional KPIs to measure changes in the region, which feed into global KPIs.
  • Implement cyber policy in the regions and evaluate regional policy exceptions (e.g., evaluating the risks of asking for a policy exception, co‑solving to embed policies’ requirements operationally).
  • Run local cybersecurity risk assessments for critical projects and make recommendations.
  • Run regional training and awareness campaigns.
  • Support compliance assessments and work with local compliance to implement security controls for personal data.
  • Work with the Zone Cyber Lead and CISO team for escalations for crisis management.
  • Act as the incident response manager for the region, and respond to incidents occurring locally which affect critical assets such as intellectual property, regulated data, customer data and the company's reputation.
  • Monitor and remediate critical vulnerabilities, actions from penetration tests and the backlog of items from local incidents.

Requirements

  • A recognized degree or Master or professional qualification in Information Technology, Cyber Security, or related discipline.
  • At least more than 7 years experience in technology and cybersecurity risk or related domain.
  • Ability to apply risk and control frameworks.
  • Experience in conducting and management penetration testing and vulnerability management is a must.
  • Recognized information technology / security certifications, such as CISSP, CISM, CISA etc are a plus.
  • Must be able to connect and collaborate effectively with key stakeholders within the organisation.
Visit original vacancy

Updated: May 21, 2026 at 9:57 AM

We use cookies to personalize jobs, improve analytics, and keep your data secure.

Learn more