company logo

Information Security Management Manager

KKCompany Technologies

Office

Taipei, Taipei, Taiwan

Full Time

Team Segment : Corporate

KKCompany Technologies, Asias leading AI multimedia technology group is dedicated to creating values for customers with core businesses of multimedia technologies, digital cloud, and AI applications.

At KKCompany, we believe in Innovation Made Simple, and technology is the answer to the struggles faced by every industry. Since its establishment two decades ago, KKCompany has expanded its portfolio, including KKBOX, BlendVision and Going Cloud. KKBOX is the worlds first platform bringing legal music streaming service to the public. It utilizes state-of-the-art streaming technology to enable excellent user experience. Our flagship brands and a base of international clients enable us to accumulate extensive data and advance analytical capabilities. The strengths along with our abundant experience in brand management help businesses achieve digital transformation successfully. We serve over tens of millions of consumers and enterprise clients in Asia cross a broad spectrum of industries such as telecommunication, multimedia, online education, fitness, smart retail and more.

KKCompany now has nearly 500 employees across offices in Tokyo, Singapore, Taipei, Kaohsiung, and Hong Kong.

Overview: 

We are seeking an experienced Information Security Management Manager to lead KKCompany's information security and privacy compliance initiatives. You will be responsible for the development, maintenance, and enhancement of the company's ISMS and PIMS, ensuring continual alignment with international standards such as ISO 27001 and ISO 27701, as well as regulations including GDPR and PDPA. In this role, you will drive strategic risk management, oversee internal and external audits, develop comprehensive policies, and foster a security- and privacy-first culture across the organization. Working closely with leadership, global stakeholders, and cross-functional teams, you will play a key role in safeguarding KKCompany's information assets and reputation.

Responsibilities:

    • Lead and continuously improve the ISMS and PIMS, ensuring compliance with ISO 27001, ISO 27701, GDPR, PDPA, and related regulatory requirements
    • Track regulatory updates, manage internal and external audits (including third-party assessments), and coordinate remediation plans through completion
    • Conduct enterprise-wide security and privacy risk assessments, including Business Impact Analyses (BIA), Privacy Impact Assessments (PIA), and oversee mitigation actions
    • Develop, update, and enforce information security and privacy policies, standards, and procedures, managing the full lifecycle of documentation
    • Work closely with engineering, product, and business teams to implement policies into effective controls and processes, guiding and supporting the implementation of ISMS and PIMS requirements across the organization
    • Design and deliver effective security and privacy awareness training, executive briefings, and incident-response exercises
    • Coordinate incident-response readiness, including tabletop drills, escalation workflows, and post-incident reviews
    • Provide strong leadership to your team, including setting objectives, coaching professional development, and managing performance

    Requirements:

    • Minimum five years of experience in information security, privacy, or compliance, including two years in a leadership capacity
    • ISO 27001 Lead Auditor or Lead Implementer certification and ISO 27701 Lead Auditor certification (or an equivalent privacy qualification)
    • Strong knowledge of ISMS and PIMS frameworks, as well as global privacy laws and regulations such as GDPR and PDPA
    • Demonstrated experience leading enterprise-level risk assessments, managing audits, and developing policy frameworks
    • Excellent cross-functional communication and presentation skills, with the ability to produce clear, concise documentation
    • Proficiency with collaboration and tracking tools such as GitLab or Jira, and solid project-management fundamentals

    Nice to Have:

    • Managerial experience from a leading global professional services firm (e.g., Deloitte, EY, KPMG, PwC)
    • Experience in software, internet services, or cloud-based business environments
    • Certifications such as CISM, CISA, or CISSP
    • Foundational cloud certification or hands-on experience with major cloud platforms (e.g., AWS, Azure, GCP)
    • Practical experience in supply-chain security assessments
    • Proven capability leading multi-jurisdiction compliance programs and collaborating effectively across diverse teams

    Information Security Management Manager

    Office

    Taipei, Taipei, Taiwan

    Full Time

    August 3, 2025

    company logo

    KKCompany Technologies