Sign in

Risk and Cybersecurity Manager

: Chemonics International, Inc.

: Nonprofits / องค์กรไม่แสวงหาผลกำไร

: 1861

: 4 October 2022

29 October 2022

Position Title: Risk and Cybersecurity Manager

Duty Station: Bangkok, Thailand

Classification: Long-term professional

Desired Start Date: As soon as possible

Closing Date: 29 October 2022

 

Chemonics seeks a Risk and Cybersecurity Manager to support several USAID-funded projects based in Bangkok, Thailand. Chemonics International is a US-based international development consulting firm operating in over 80 countries. Our mission is to promote meaningful change around the world to help people live healthier, more productive, and more independent lives.

 

The Risk and Cybersecurity Manager will develop strategic and tactical plans for overall project risk management. They will establish the governance framework for project information security to provide assurance that information security strategies are consistent with applicable laws and regulations in addition to existing USAID cybersecurity risk mitigation measures. They will identify key security initiatives and programs through a risk-based approach. They will communicate new security initiatives and risks to senior management and stakeholders to ensure that information risk is understood and identified. They will monitor and report the performance of the security program to senior management and advise them on the impact of the project’s key risks.

 

The Risk and Cybersecurity Manager will liaise frequently with Chemonics’ Washington office project management unit (PMU) and cybersecurity teams based in Washington, D.C. to ensure smooth coordination and support for ongoing project operations. We are looking for individuals who have a passion for making a difference in the lives of people around the world.

 

Specific Tasks and Responsibilities

The Risk and Cybersecurity Manager will have the following tasks and responsibilities:

• Analyze and correlate physical and information security events to identify appropriate event handling actions.
• Assess operational and implementation costs and evaluate them against the potential business impact if security policies and controls are not implemented.
• Assess the effectiveness of the measures against security risk management plan.
• Develop IT security policy and operational procedures based on information collected.
• Develop a documented action plan containing policies, practices, and procedures that mitigate the identified risks.
• Document information related to IT security attacks, threats, risks, and controls.
• Establish a standard methodology for performing security tests in accordance with security requirements.
• Establish review procedures based on the project security risk management plan.
• Evaluate effectiveness of current incident response plan against industry best practices.
• Evaluate response plans periodically to ensure relevance.
• Identify threats and risks that are relevant to project operations and systems.
• Monitor the effectiveness of action plans in addressing information risks.
• Obtain corporate management's endorsement of security policies, standards, and procedures by articulating cost and benefits.
• Perform comparative analysis of security service performance level parameters against security information sources.
• Prepare information security performance report based on results from analysis and correlation of information security events.
• Rate and categorize potential security incidents.
• Recommend suitable enhancements to improve information security performance.
• Review business and security environment to identify existing requirements.
• Review security policies, standards, and procedures by considering the threats identified and other information collected.
• Test incident response plans periodically to ensure response times and executed procedures are acceptable.

 

Qualifications

• Bachelor’s degree in computer science (including programming/networking), information systems, infocomm security management, network security, digital forensics, or related field required.
• Minimum five (5) years of experience in progressively more challenging roles required.
• Experience supporting USAID and/or large INGO projects preferred.
• Experience in South and Southeast Asian security contexts is required.
• Strong individual initiative and ability to manage daily activities and achieve expected results with or without direct oversight.
• Demonstrated leadership, versatility, and integrity.
• Professional proficiency in written and spoken English required; fluency in Thai and/or Myanmar language is strongly preferred.
• Thai national or non-Thai who can work legally in Thailand.

 

 

Application Instructions

Please send an email with your CV attached and include “Risk and Cybersecurity Manager” in the subject line to thailandoffice@chemonics.com no later than October 29, 2022. Applications will be reviewed on a rolling basis. No telephone inquiries, please. Only finalists will be contacted.

 

Chemonics is an equal opportunity/Affirmative Action employer and does not discriminate in its selection and employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, political affiliation, sexual orientation, gender identity, marital status, disability, protected veteran status, genetic information, age, or other legally protected characteristics. Military veterans, AmeriCorps, Peace Corps, and other national service alumni are encouraged to apply.

 

Contact: thailandoffice@chemonics.com

Contact : thailandoffice@chemonics.com

---

ไอที / ITนักพัฒนาโครงการ / Creative project developerเจ้าหน้าที่ประจำสำนักงาน / Officerเจ้าหน้าที่ภาคสนาม / Field officerนักวิจัย / Researcherนักสื่อสารออนไลน์ / Online communication