IT Executive

Add expected salary to your profile for insights

Zuellig Pharma is a leading healthcare solutions company in Asia, and our purpose is to make healthcare more accessible to the communities we serve. We provide world-class distribution, digital, and commercial services to support the growing healthcare needs in this region.

The company was started a hundred years ago and has grown to become a multibillion-dollar business covering 17 markets with over 12,000 employees. Our people serve more than 200,000 medical facilities and work with over 450 clients, including the top 20 pharmaceutical companies in the world.

Purpose of the Role:

• Collaborate with other departments to ensure cybersecurity policies align with organizational goals.
• Develop and execute a cybersecurity roadmap that aligns with the organization's business objectives.
• Stay updated on emerging threats, technologies, and best practices to continuously improve the organization's security posture.
• Manage budgets for cybersecurity tools, network upgrades, and server maintenance.
• Communicate cybersecurity risks, incidents, and remediation efforts to senior management and other stakeholders.
• Provide regular updates on the organization's security posture and compliance status.

Expectations of the Role:

• Ensure strict implementation and adherence of ZPMY to ensure consistency in maintaining security hygiene.
• Conduct security assessments, with guidance from the Regional Security Team across ZPMY information assets such as networking devices, servers, database systems, and web applications/websites through ZMY and provide reports with remediation activity progress in rectifying the identified security vulnerabilities.
• Evaluate and recommend improvements on network security infrastructure, with a focus on Managed Unified Threat Management (UTM) systems, NAC, and adapt security baseline standards.
• Liaise with the internal team and critical enabling functions group such as HR, Business Operations, Legal, and other necessary parties for related Data Privacy and Protection programs.
• Assist the ZP Cybersecurity team for ISO 27001 and ISO 27701 initiatives and programs for ZP enterprise.
• Technical assessment of security access requests from ZP end-users regarding the website access request, email domain reputation review (whitelist or blacklist request), Office 365 access control security, Audit Logging solution, ZP mobile device and application management, and other security solutions handled by the ZP Cybersecurity team.
• Participate and lead Internal and external audit initiatives and programs for ZPMY related to IT and Cybersecurity, which also involves monitoring the status and completion of IT audit actionable items for ZPMY Market.
• ISO 27001 Information Security Management System audit initiatives and preparations – document management and control, preparing stakeholders for ISMS audit (e.g., perform workstation audit readiness), creation of necessary standards, procedures, & workflows and other assigned tasks related to ISMS.
• Coordinate with Information Security Officers of business units and/or IT Support of the business units for any related security initiatives for ZPMY.

Attributes Required:

Must-Have:

• Experience in the field of Cybersecurity, Information Security with a strong background in technology network security & IT Security solution implementations.
• Experience in implementing IT Security Solutions.

Advantage to Have:

• Experience in managing the mentioned security applications above.
• Experience in handling and facilitating Cybersecurity incidents.
• Experience in performing and analyzing the logs and activities of networks, servers, virtual environments, and systems.
• Experience in web application security hardening.
• Experience in Cloud Infrastructure Security (Microsoft Azure and Google Cloud Platform).
• Familiarity with performing risk assessments in alignment with industry standards such as ISO 31000, etc.
• Knowledge of ISO 27001 ISMS and IT Security processes, concepts, and technologies.
• Basic concepts on ISO 27701 Privacy Information Management Systems.

Please write to us to express your interest or you may submit your job application online.