Overall in charge of Information Security matters (i.e. development of policies, standards and procedures in accordance to head office and local regulatory requirements, periodic reviews of system configuration and user access and system security logs to identify potential threats)
Research and review the latest Information Security threats.
Plan, develop, test and implement security measures to protect the Branch\xe2\x80\x99s information residing in/transmitting through various media/channels, such as computer systems, networks and storage media etc, and to implement measures to prevent / detect unauthorized access.
Work closely with Head Office on various tasks as required and ensuring best practices for the local office.
Advice senior management and stakeholders periodically on the latest threat intelligence and trends.
Provide regular reporting and updates to department head of any abnormalities & lapses which are not in compliance with the Group and Local Regulatory requirements.
Work closely with the Infrastructure and Support team on resolving daily IS-related issues
Participate in the testing of disaster recovery plans
Review and conduct Threats/Vulnerabilities assessment when alerted by local authorities
Review and validate annual Technology Risk Assessments, Participant Security Program Assessment and other IS-related assessments performed by IT Infrastructure & Support team.
Ensure adherence to Information Security and Data Protection best practices and regulations as issued from time-to-time from competent authorities.
Perform periodic and ongoing reviews to assess the adequacy of IS-related tools / measures (e.g. end-point Data Leak Protection, Anti-virus) and provide recommendations for enhancement to senior management.
End-to-End investigation into Security Breaches/Major Incidents resulted from Internal or External Attacks/Data Leakage, and to file incident reports to local senior management, Head Office and local regulator as appropriate, within the timeframe in accordance with the Group / local regulator\'s incident reporting guidelines.
Coordinate and facilitate IS-related internal/external audits and ensure any IS-related audit findings are remediated timely by the relevant stakeholders.
Escalation and operational risk incident to the bank\'s Operational Risk Coordinator promptly and to provide remediation within the assigned timeline.
Prepare and conduct regular Information Security awareness training.
Carry out any other tasks in related to Information Security as assigned by Management.
KEY COMPETENCIES
A Bachelor\xe2\x80\x99s degree in Computer Science or its equivalent.
Minimum 5 years\xe2\x80\x99 of experience in the areas of Information Security.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or similar credentials is advantageous
Technical knowledge & skillsets
Familiar with the following technologies - Privileged Access Management - Data Loss Prevention Technologies - Security Incident and Event Management (SIEM) - Networking concepts and protocols - Firewalls, IDS/IPS - Web Content filtering tools
Knowledge of local regulations (i.e. MAS TRMG), industry standards (i.e. ISO 27001) and ethics as they relate to cyber security.
Problem solving and organizational skills.
Excellent written & verbal in both communication & presentation skills
Beware of fraud agents! do not pay money to get a job
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.