Chief Privacy Protection and Cybersecurity Compliance Expert

Position: Chief Privacy Protection and Cybersecurity Compliance Expert (Asia Pacific)

As the Chief Privacy Protection and Cybersecurity Compliance Expert, you will be responsible for leading the development and execution of privacy and cybersecurity strategy across the Asia Pacific region. Your role will encompass policy formulation, regulatory intelligence, risk assessment and mitigation, crisis management, capability development, and frontline support for legislative and regulatory engagement.

Work Location: Malaysia Kuala Lumpur

Responsibilities:

1. Develop and implement Asia Pacific regional privacy and cybersecurity policies, strategies, standards, and specifications, while supporting local representative offices in adapting and optimizing these local frameworks.
2. Monitor and analyze evolving legal and regulatory trends across the region, conduct risk assessments, and design control measures; facilitate reviews of local representative offices regulatory insights and support national-level risk analysis.
3. Lead regional privacy and cybersecurity incident response planning, including preparation of response plans, organization of simulation drills, and capability development; provide guidance to local representative offices in building crisis response readiness.
4. Conduct governance reviews and inspection across Asia Pacific regional countries to assess compliance status, identify gaps, and drive improvement actions.
5. Serve as subject matter expert in legislative feedback on privacy protection and cybersecurity regulatory communications; lead professional teams on key projects and collaborate with local representative offices to implement external engagement strategies.
6. Design and deliver training programs to enhance the competency of privacy and cybersecurity personnel across the region and national-level, including CSPOs, DPOs, and related personnel.

Requirements:

1. In-depth knowledge of key privacy and cybersecurity standards and frameworks (e.g., ISO 27001, ISO 27701, NIST CSF, NIST Privacy Framework,etc).
2. Familiarity with privacy and cybersecurity legal and regulatory landscapes across key APAC markets.
3. Proven experience in Governance, Risk, and Compliance (GRC) methodologies.
4. Understanding of core business operations and the ability to align security programs with business objectives.
5. Strong regulatory analysis skills, with the ability to identify emerging risks and propose practical mitigation strategies.
6. Demonstrated experience in managing privacy/cybersecurity incidents and leading crisis response efforts.
7. Ability to develop stakeholder communication strategies, prepare briefing materials, and conduct effective presentations.
8. Hold at least one internationally recognized certification in cybersecurity or privacy (e.g., CISSP, CIPM, CIPP, CISM).
9. High degree of professionalism, integrity, and attention to detail.
10. Excellent communication, collaboration, and interpersonal skills.

Professional abilities required for the job:

1. Policies and strategies that satisfy both compliance requirements and business needs, approved by regional and local leadership.
2. Timely regulatory trend analysis and impact assessments for the Asia Pacific regional.
3. Documented risk analyses and control measures integrated into the organization's compliance management system.
4. Established and trained Privacy SWAT team, supported by scenario-based contingency plans and regular crisis drills.
5. Annual audit plans executed, with clear reporting and actionable improvement recommendations.
6. Effective representation in regulatory dialogues and external communications that enhance organizational reputation.
7. Regular training delivered to management and staff to ensure ongoing capability uplift and compliance awareness.

Experience:

1. Have at least 8 years of experience in cyber security and privacy protection-related roles or directly in frontline customer-facing positions.