Job vacancy IT Security Governance Specialist

• Propose and revise Group IT Security Policies and Standards for Regional & Overseas Units to ensure adherence to local regulations and industry standards.
• Establish Regional IT Security Governance processes that align with the Bank's strategic direction.
• Assess and mitigate IT risks associated with projects to maintain desired levels of Confidentiality, Integrity, and Availability.
• Offer proactive IT security consultancy and guidance on policies, standards, and best practices across the Group.
• Interpret and enforce regional regulatory compliance within Maybank Group based on Intra-Outsourcing agreements.
• Facilitate timely execution and resolution of security assessment exercises.
• Raise awareness of IT Security Processes through educational programs for project teams and MSS team.
• Review change and firewall requests to verify compliance with the Bank's policies and standards.
• Detect and address potential and actual security issues to protect information system assets.

The Successful Applicant

• Hold a professional qualification, preferably a Bachelor's Degree in Computer Science with a focus on Security, Network, or Computer Systems.
• Possess expertise in information security, encompassing compliance assessment, policy development, and industry standard frameworks like ISO 27001, PCI-DSS, NIST, CIS, etc., ideally within the Financial Services sector, with additional experience in service continuity.
• Have knowledge of regulatory requirements and guidelines from regional Financial Services Institution (FSI) regulators such as MAS, BI, BSP, BNM RMIT, PBOC, HKMA, etc.
• Demonstrate proficiency in network components, related protocols, security products/solutions/concepts, and have a deep understanding of vulnerabilities in operating systems, databases, and major applications, along with the ability to address these vulnerabilities.
• Possess experience in crafting enterprise and operational-level security policies, standards, and processes, including email & internet policy, password management processes, etc.
• Skilled in delivering training sessions, with strong presentation and negotiation skills.
• Exhibit excellent written and verbal communication abilities in English, essential for effectively communicating security messages and practices, contributing to security documentation, and presenting ideas in a business-friendly manner.
• Have experience in engaging with various stakeholders.

What's on Offer

Attractive Remuneration Package, Cutting-Edge Technology Exposure, Collaborative Team Environment

ContactEe Lynn CheahQuote job refJN-042024-6401161Phone number+60 3 2302 4000

20 Jul, 2024 (77 days left)