IT Security Governance Specialist

• Attractive Remuneration Package
• Enhance your Development Skills

About Our Client

Our client holds the position of being the leading provider of financial services in Malaysia and maintains significant operations across Southeast Asia.

Job Description

• Propose and revise Group IT Security Policies and Standards for Regional & Overseas Units to ensure adherence to local regulations and industry standards.
• Establish Regional IT Security Governance processes that align with the Bank's strategic direction.
• Assess and mitigate IT risks associated with projects to maintain desired levels of Confidentiality, Integrity, and Availability.
• Offer proactive IT security consultancy and guidance on policies, standards, and best practices across the Group.
• Interpret and enforce regional regulatory compliance within Maybank Group based on Intra-Outsourcing agreements.
• Facilitate timely execution and resolution of security assessment exercises.
• Raise awareness of IT Security Processes through educational programs for project teams and MSS team.
• Review change and firewall requests to verify compliance with the Bank's policies and standards.
• Detect and address potential and actual security issues to protect information system assets.

The Successful Applicant

• Hold a professional qualification, preferably a Bachelor's Degree in Computer Science with a focus on Security, Network, or Computer Systems.
• Possess expertise in information security, encompassing compliance assessment, policy development, and industry standard frameworks like ISO 27001, PCI-DSS, NIST, CIS, etc., ideally within the Financial Services sector, with additional experience in service continuity.
• Have knowledge of regulatory requirements and guidelines from regional Financial Services Institution (FSI) regulators such as MAS, BI, BSP, BNM RMIT, PBOC, HKMA, etc.
• Demonstrate proficiency in network components, related protocols, security products/solutions/concepts, and have a deep understanding of vulnerabilities in operating systems, databases, and major applications, along with the ability to address these vulnerabilities.
• Possess experience in crafting enterprise and operational-level security policies, standards, and processes, including email & internet policy, password management processes, etc.
• Skilled in delivering training sessions, with strong presentation and negotiation skills.
• Exhibit excellent written and verbal communication abilities in English, essential for effectively communicating security messages and practices, contributing to security documentation, and presenting ideas in a business-friendly manner.
• Have experience in engaging with various stakeholders.

What's on Offer

Attractive Remuneration Package, Cutting-Edge Technology Exposure, Collaborative Team Environment

Contact

Ee Lynn Cheah

Quote job ref

JN-042024-6401161

Phone number