We are in need of an enthusiastic Information Security Manager to join our vibrant team at EUROFINS GSC IT MALAYSIA SDN. BHD. in George Town, Penang.
Growing your career as a Full time Information Security Manager is a promising opportunity to develop essential skills.
If you are strong in teamwork, negotiation and have the right aptitude for the job, then apply for the position of Information Security Manager at EUROFINS GSC IT MALAYSIA SDN. BHD. today!
Specific Assignments:
- Lead local Information Security Function individually.
- Ensure consistent, high-quality information security management aligned with business goals and Group Security Standards.
- Collaborate with Group Information Security team, Regional Information Security Officer, Local IT Infrastructure, and IT Solution teams for IT 2020 vision implementation.
- Manage security projects and run Program Management & Reporting initiatives.
- Collaborate with Group IT Security team and Regional Information Security Officer to define/review/apply standards and drive local action plans.
- Contribute to security programs, serve as local IT Security point of contact.
- Ensure consistency, foster collaboration, promote synergies, and share best practices across the local environment.
- Ensure compliance with data privacy laws and global regulatory requirements.
- Perform internal and external information security risk assessments, reporting, and oversight of treatment efforts.
- Embed security in project delivery, providing appropriate information security policies, practices, and guidelines.
- Ensure Group IT (Infra and Security) standards are implemented and adhered to.
- Consult with IT and Business Lines staff to integrate security controls into evaluations, selections, installations, and configurations.
- Collaborate with Group & Regional Security teams for integrating newly acquired companies.
- Execute internal and external risk assessment activities, analyze results, and produce risk mitigation strategies.
- Manage incidents in the region, providing timely solutions and communication to stakeholders.
- Provide consultations and best practices with business owners, interacting on IT Security needs.
- Conduct or support regular penetration tests, vulnerability assessments, or application security assessments.
- Perform day-to-day delivery of IT Security Operations and projects, continuously improving posture, operations, and services.
- Periodically review IT Infra & Security postures in cooperation with Group IT 3rd line of defense team.
Required Profile:
- Security professional with 8-10 years of experience, including 2-3 years in a managerial role.
- Bachelor’s degree in Computer Science or related field, advanced degree preferred.
- Experience in Project Management/Program Management.
- Preferred certifications: CISM, CISSP, or PMP.
- Practical hands-on experience in various security programs.
- Knowledge of ITIL with respect to security administration in a multiplatform environment.
- Experience with on-premise, hybrid, and cloud data center and application hosting strategies.
- Strong Emotional Intelligence and sustained leadership in a large organization.
- Effective communication skills, fluency in local language and English.
- Good understanding of IT technology for overseeing cybersecurity and risk management activities.
- Ability to work with Infrastructure team for changes and upgrades.
- Knowledgeable about internal and external business environments, ensuring compliance with legal, regulatory, and contractual obligations.
- Comfortable managing multiple priorities, ambiguity, and a rapidly changing business environment.
- Strong understanding of the business impact of security tools, technologies, and policies.
- Experience in working with legal, audit, operations, and compliance staff.
- Experienced in developing and maintaining policies, procedures, standards, and guidelines.
- Familiarity with common information security management frameworks, such as ISO 2700x, ITIL, COBIT, Sarbanes-Oxley Act, HIPAA, EU Privacy Directives, J-SOX, and GxP standards.
- Experience working in strong governance-driven industries and knowledge of ISO 27000.
Benefits of working as a Information Security Manager in George Town, Penang:
● Unlimited Growth Potential
● Professional Development Opportunities
● Competitive salary