GoKardz
IT Security
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 04, 2024
IT Security
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Sep 30, 2024
Engineering
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Hybrid
Sep 11, 2024
IT Security
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Aug 29, 2024
Software & Web Development
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 17, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 09, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 09, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 09, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 09, 2024
Engineering
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Hybrid
Oct 09, 2024
Full Time/Permanent
Onsite
Oct 04, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 04, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 04, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Oct 04, 2024
Engineering
Kuala Lumpur, Kuala Lumpur, Malaysia
Contract
Onsite
Sep 27, 2024
Engineering
Kuala Lumpur, Kuala Lumpur, Malaysia
Contract
Onsite
Sep 27, 2024
Sales & Business Development
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Sep 25, 2024
Bank Operation
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
Onsite
Sep 25, 2024
Head, IT Security Governance And Assurance
IT Security (1)
Kuala Lumpur, Kuala Lumpur, Malaysia
Full Time/Permanent
First Shift (morning)
Onsite
Posted on Aug 12, 2024
Qualifications Required
Diploma
Experience Required
10 - 18 years
Description

JOB PURPOSE :

  1. Provide thought leadership and direction for IT Security team to effectively manage team work load, quality deliverables, performance and talent in delivering a systematic, proactive, approach that balances IT risk and business objectives and align with the Bank’s strategy
  2. Develop, maintain and champion IT Security Program, including strategy, framework, Group/Regional policies, process, and metrics by identifying and assess the emerging IT risk and security threats
  3. Identify, evaluate, protect against and report on IT Security risk in a manner that meets regional compliance and regulatory requirements and align with and support the risk posture of the Bank
  4. Driver to provide the appropriate access, protection, confidentiality, integrity and availability of enterprise system and data through effective security controls
  5. Key point of contact and subject matter expert for issues and projects related to IT Security
  6. Advocate, lead and drive the Enterprises IT Security Awareness programmes via Process clinics, workshops, email communications, security bulletins and e-learning activities Group-wide and across the region to instil a compliance culture from a business and information security perspective
  7. Provide security architectural vision, roadmap and standards for Bank
  8. Ensure Processes are in place to ensure that our security architecture remains current and aligns with industry best practices.

PART 3: KEY ACCOUNTABILITIES & OUTCOMES

It pertains to what are the main areas in which a job must achieve end-results to achieve the purpose. Maximum of 8 Key Accountabilities only.

Principal Accountabilities

Describe the key activities that you are expected to achieve. Start with the most important

Outcomes/ deliverables targeted

Major Challenges in achieving the outputs

 

Accountability

 

Supporting Activities

Outcome/ deliverables

Challenges

Provide thought leadership and direction for IT Security team to effectively manage team work load, quality deliverables, performance and talent in delivering a systematic, proactive, approach that balances IT risk and business objectives and align with the Bank’s strategy

1.     Ensure sufficient trained/skilled resources for new initiatives as well as existing  workload

2.     Supervise, mentor, coach and provide feedback  to staff on their performance and deliveries

3.     Encourage staff for professional certification , training or external conference/ program to upkeep skills

1.     To build internal capabilities

2.     To reduce staff turnover

·     Build a team of skilled certified Security and Quality professionals with the up-to-date IT knowledge to meet the business demand. 

·     Continuously supervise/motivate/mentor/retain IT Security staff on their performance and deliveries

·     Shortage of resources

Develop, maintain and champion IT Security Program, including strategy, framework, Group/Regional policies, process, and metrics by identifying and assess the emerging IT risk and security threats

1.     Develop strong collaborative relationships within MSS and with business customers to understand long term business strategy and prepare appropriate IT Security recommendation and solution

2.     Working closely with regional IT Security Head in defining objectives and policies and standards

3.     Monitor IT Security trends and evolving technologies and assess against the current security posture and implication for the Bank

4.     Define security strategies, metrics, reporting mechanisms and program services

5.     Design and implement mechanism for education and governance, ensuring organizational and technical compliance with policies and requirements

6.     Proactively provides IT security consultancy/ advisory services  on policies, standards and best practices across the Group

7.     Make recommendations for new security controls based on the assessment performed

 

1.     To secure sensitive data and ensure information security and compliance with relevant legislation and regulatory requirements

2.     Enforcement of standard suite of policies, processes & solution across Group to address and mitigate security risk

 

 

·       Managing, communicating and understanding of regional & overseas units IT and  regulatory requirements as part of regionalization of bank Shared Services IT Security for the Bank’s regional operations and future aspirations

·       Alignment and comprehensive-ness of IT Security policies based on regulatory requirements from various countries

Identify, evaluate, protect against and report on IT Security risk in a manner that meets regional compliance and regulatory requirements and align with and support the risk posture of the Bank

1.     Work with business and across technology to identify current and/or potential security risk

2.     Prioritize and implement security controls to enable or improve security capabilities

3.     Conduct regular and on-going security health checks and reporting on Group wide compliance with IT Security Policies and Standards

1.     Mitigate the risk exposure of the Bank while aligning with business and Bank’s strategy

2.     Compliance with regional regulatory requirements

3.     Safeguard and protect the banks compliance rating among regulatory bodies

 

·       Enforcement of IT Security policies and controls internally and externally requires urgent syndication and escalation.

·        

Driver to provide the appropriate access, protection on  confidentiality, integrity and availability of enterprise system and data through effective security controls

1.     Stay abreast of latest IT leading practices and methodology, regulatory & compliance issues and industry risk trends

2.     Manage, plan and coordinate activities to protect the Bank

3.     Advice departments and project teams on the viability of new and liability of existing IT Security technologies or security practise in supporting mid and long term facilities and operational planning

 

1.     Promote security relationships between internal resources and external entities, including security solution providers, and partner organizations

2.     Safeguard the Bank enterprise system and data

·    Key driver to manage  a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulation

 

Key point of contact and subject matter expert for issues and projects related to IT Security

1.     Collaborate with internal and external team to ensure IT Security issues are responded in a timely manner

2.     Lead efforts to internally assess, evaluate and make recommendations to management and project team regarding the adequacy of the risk, security, compliance and system change controls for the enterprise

3.     Examine impacts of new technologies implementation on the overall enterprise information security

 

1.     To ensure the best balance between security strategies and business alignment

2.     To determine acceptable levels of risk for the organization

3.     To achieve a common goal in information security

4.     Implement secured infrastructure and operational efficiency

·     Continuously assess security and compliance posture of the Bank to ensure the risk exposure are mitigated to an acceptable level

·     Strong commitment and active involvement of management and relevant stakeholders are required for the success of enforcement

·     Dealing, liaising and managing staff complexity due to resistance in complying with

 

Advocates, lead and drive the Enterprises IT Security Awareness programmes via Process clinics, workshops, email communications, security bulletins and e-learning activities Group-wide and across the region to instil a compliance culture from a business and information security perspective

 

1.     Develop awareness strategy and communication plan for various channels i.e. e-learning, portal, workshops, training and IT events

2.     Drive and conduct Information Security Management communication and awareness programmes for the  entire IT Enterprise

3.     Conduct dip stick tests / feedback assessments to identify awareness levels and develop improvement plans

4.     Extend the IT Security eLearning module to cover regional offices

 

1.     Instill a compliance culture amongst staff

2.     Foster with effective IT Security awareness to all staff

3.     Reduced threats of security breaches through high staff awareness

4.     Reduction in  internal IT non –compliance

5.     Reduction in recurring audit issues and shortcomings

·     Constantly drive the effectiveness programs to create IT security awareness in bank Group

Maintain consistent relationship and engagement with Security solution providers and partners for latest security technology updates and market trend

1.     Continuously engagement with external security solution principals, distributors, vendors, and partner for latest security technology architecture updates and market trend

1.     Foster closer relationship with security solution providers, distributors and solution integrator to have fast track escalation and immediate response as and when the Bank requires

2.     Stay informed with the latest security threats and mitigation actions that available in the market to be implemented whenever necessary

 

 

EDUCATION :

Possess a professional qualification with a recognised Master/ Degree in Computer Science, IT or a related discipline.

EXPERIENCE :

IT Security related working experience in Financial Services Industry (FSI) - More than 10 years

Leadership or managerial experience - 6 to 10 years

CERTIFICATIONS/REGULATORY CERTIFICATIONS :

Possess professional certifications such as ITIL, COBIT, CISM, Six Sigma, CISA, CRISC & ISO 27001: 2005 Lead Auditor/Implementer or other related professional IT certifications will be an added advantage

JOB SPECIFIC SKILLS & COMPETENCIES REQUIRED :

  • Proven ability in security process and enterprise level security solution design, implementation and management experiences on security solutions
  • Ability to develop and guide the team to achieve high levels of performance
  • Highly self-motivated and directed
  • Experienced, energetic, engaging and visionary leader with sound knowledge of business management and a working knowledge of information security technologies to support enterprise mission
  • Knowledgeable leader to provide vision, strategy, broad-based planning and hands-on responsibility
  • Ability to act calmly and competently in high-pressure, high-stress situations
  • Strong presentation skills with proven ability to successfully interface with and influence at all levels (management, executive, technical staff and end user)
  • Excellent written and verbal communication skills with an emphasis on confidentiality, tact and diplomacy
  • Thorough understanding of security risk with the ability to make pragmatic business-focussed decisions
  • Strong focus on architectural governance and its implementation
  • Technical knowledge of security, with the ability to demonstrate practical application of controls

 

Required Skills
IT Security
IT Governance and Assurance
Leadership
IT Audit
IT Risk
English
Malay
Salary Range
Upto RM 30,000.00 Per Month
*GoKardz is recruiting on behalf of our client in the Banking sector. Powered by our cutting-edge digital identity platform, this opportunity is part of our platform-driven services that streamline and optimise talent acquisition for leading companies.
Back to Company
One card, Infinite Opportunities
Internet
4.33