Advisor, ITD and Head, Cybersecurity and Compliance Unit

IMPORTANT INFORMATION:

This is a fixed term appointment or assignment for senior staff, for a period of three (3) years. This opening is open to internal and external applicants.

If you are selected as an external candidate, the appointment may be extended for a period of up to 3 years per extension, or not renewed. In case of extension, staff may continue in the position for another term of up to 3 years.

The appointment may be extended for a period of up to 3 years per extension, or not renewed. In case of extension, staff may continue in the position for another term of up to 3 years. Also, if the staff selected has a regular appointment, staff will retain the regular appointment and their selection will be considered an assignment for an initial fixed period of up to 3 years. If the staff selected has a fixed term appointment, their previous appointment will cease, and they will be given a new fixed term appointment for an initial term of 3 years.

At the end of the initial period, ADB, as its discretion may: (a) renew a fixed term appointment or assignment, or (b) not renew a fixed term appointment.

Fixed-term appointments or assignments for senior staff are subject to terms and conditions determined by ADB as indicated in all relevant policies.

Overview

Asian Development Bank (ADB) is an international development finance institution headquartered in Manila, Philippines and is composed of 68 members, 49 of which are from the Asia and Pacific region. ADB is committed to achieving a prosperous, inclusive, resilient, and sustainable Asia and the Pacific****, while sustaining its efforts to eradicate extreme poverty. ADB combines finance, knowledge, and partnerships to fulfill its expanded vision under its Strategy 2030.

ADB only hires nationals of its 68 members.

The position will be head of the Cybersecurity and Compliance Unit (ITOD-CS) within the Information Technology Department (ITD). ITD manages the information systems and technology services required for ADB’s Headquarters and Field Offices. ITOD-CS sets the Information Security standards, policies, incident management and Business Continuity approaches for Technology within ADB. The team also monitors compliance with the standards and policies within ITD.

To view ADB Organizational Chart, please click here.

Job Purpose

The Advisor, ITD and Head, Cybersecurity and Compliance Unit develops, implements, drives, and monitors the enterprise vision, charter, strategy, and program for information security and IT risk management for ADB.

S/he acts as the authority for the development and enforcement of organization security strategy, standards, and policies, and has ultimate responsibility for ensuring the protection of corporate information. S/he guides the design and continuous improvement of the IT security architecture and Cyber Risk Maturity Model that balances business needs with security risks. S/he advises the board and top executives on all security matters and sets directions for complying with regulatory inquiries, legal and compliance regulations, inspections, and audits. S/he is an expert in cyber security compliance standards, protocols, and frameworks, as well as the Cyber Security Risk Management Framework.

S/he keeps abreast of cyber-related applications and hardware technologies and services and is constantly on the look-out for new technologies that may be leveraged to enhance work processes, or which may pose potential threats. S/he is an inspirational and influential leader, who displays sound judgement and decisiveness in ensuring that corporate information is well protected and secured. S/he is strategic in his/her approach toward resource management and capability development among her/his teams.

S/he directs and manages an independent assurance program for cybersecurity to assess, monitor and report on the operating effectiveness of security controls. Proactively and effectively reports on information security priorities, top risks, and action plans.

S/he is responsible to formulate, implement, and manage institutional information security strategies and programs designed to protect ADB’s information technology (IT) systems and information from illegitimate access and reduce/mitigate information security risks across the organization. S/he leads programs and processes to monitor the emergence of new threats and vulnerabilities, assessing impacts, and driving responses, as appropriate (incident response policies and standards). S/he leads the development and maintenance of a security and risk management functional capability and framework that defines and manages ITD’s overall approach to information risk and control that aligns with ADB’s risk management strategy.

S/he ensures that clear and timely business advice is provided to management on key information security and assurance issues and that information security and risk is adequately represented on relevant business/governance forums and is known, well-integrated, and addressed across the organization. Maintain and implement business continuity and disaster recovery strategies and solutions to ensure organizational resiliency for ADB. Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board. Lead and manage the information security team.

S/he will report to Director General, ITD and may supervise International, National, and Administrative staff.

Responsibilities

a. Information Security Strategy, Policies, and Standards

b. Incident Response Management

c. Information Risk Management

d. Business Continuity Management

e. Business Relationship Management and Communications

f. Cyber Security Advisory

Qualifications

Relevant Experience & Requirements

General Considerations

The selected candidate, if new to ADB, is appointed for an initial term of 3 years.

ADB offers competitive remuneration and a comprehensive benefits package. Actual appointment salary will be based on ADB’s standards and computation, taking into account the selected individual’s qualifications and experience.

ADB seeks to ensure that everyone is treated with respect and given equal opportunities to work in an inclusive environment. ADB encourages all qualified candidates to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities. Women are highly encouraged to apply.

Please note that the actual level and salary will be based on qualifications of the selected candidate.