ISMS Manager (ISO 27001)
Malaysia
Headquartered in Tokyo, Sumitomo Mitsui Banking Corporation (SMBC) is a leading global financial institution and a core member of Sumitomo Mitsui Financial Group (SMBC Group). Built upon our rich Japanese heritage since 1876, we put our customers first and provide seamless access to, from and within the Asia Pacific region. SMBC is one of the largest Japanese banks by assets and maintains strong credit ratings across our global integrated network. We work closely as one SMBC Group to offer personal, corporate and investment banking services to meet the needs of our customers.
With sustainability embedded within our strategy and operations, we are committed to creating a society in which today’s generation can enjoy economic prosperity and well-being, and pass it on to future generations.
Job Responsibilities:
- Responsible for designing, implementing, and managing the ISO 27001 framework, ensuring systematic compliance with its requirements.
- Leads risk assessments, gap analyses, and control implementation, which are foundational to certification success.
- Aligns ISO 27001 with local and international regulatory standards, reducing legal and compliance risk.
- Ensures the institution builds effective business continuity, disaster recovery, and incident response processes as part of ISO 27001.
- Acts as a central point of accountability, ensuring consistent application of policies and controls.
- Serves as the primary liaison with external auditors, ensuring audit readiness, maintaining required documentation, and responding to findings.
- Drives training and awareness programs to promote a security-first culture across the organization, an ISO 27001 requirement.
- Ensures that the management system stays dynamic and aligned with evolving threats and business needs.
- Ensures that data confidentiality, integrity, and availability are proactively managed through robust controls.
Job Requirements:
- Diploma/University Graduate/Degree holder/Professional Qualification/Certification.
- Must possess, at minimum, an ISO/IEC 27001 Lead Implementer or ISO/IEC 27001 Lead Auditor certification.
- Good communication and interpersonal skills.
- Ability to effectively prioritize workload to meet tight deadlines and work objectives.
- Proficiency with Microsoft applications, e.g. Microsoft Word and Microsoft PowerPoint.