Head, Regional IT Security IBG and International
Michael Page
- Kuala Lumpur
- RM 240,000-241,000 per year
- Permanent
- Full-time
- Offer guidance on IT Security issues, stepping in as the primary IT Security advisor in regions without a dedicated role, with support from Bank Group IT Security.
- Actively engage in IT Security affairs across Bank Securities and international branches, ensuring adherence to security protocols.
- Provide IT security consultations for IT projects, including monitoring and implementing enhancement measures.
- Implement and enforce Bank Group's IT Security policies and procedures across all regional entities.
- Drive the implementation of cyber security measures according to the IT roadmap in each country where Bank operates.
- Monitor compliance with Bank Group IT Security's target operating model, especially for support structures within Bank Securities.
- Serve as the main liaison for updates on security tools, ensuring that all Bank Securities and international branches address and rectify any non-compliance issues.
- Oversee the enforcement of security tool policies, including Data Loss Prevention, secure web gateways, and intrusion prevention systems, ensuring they meet local and Bank Group standards.
- Ensure that operational readiness review processes are in place and followed within Bank's security entities.
- Manage and oversee the remediation processes for security issues identified within Bank Securities and international branches by Bank Group IT Security.
- Collaborate closely with the infrastructure and application teams across Bank Securities and international entities to keep asset information current.
- Maintain and update security tool license information in alignment with Bank Group IT Security requirements.
- Act as the primary point of contact for addressing audit activities within Bank Securities and international entities, ensuring timely completion and closure of audit findings and remediation actions.
- A Bachelor's degree in Computer Science, Information Technology, or a closely related field is required. Possession of professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) is highly beneficial.
- A minimum of 8 years' experience in a relevant field is necessary for this role.
- Specialization in Cybersecurity, Information Security, IT Auditing, and IT Risk Management is essential.
- Proven capability in formulating and executing information security policies, standards, guidelines, and procedures.
- Experience coordinating with external consultants for independent security audits.
- Proficient in communicating complex information security principles to both technical and non-technical personnel.
- Strong background in business continuity planning, auditing, risk assessment, and management, coupled with a comprehensive knowledge of information technology and security practices.
- Attractive salary & Benefits
- Hybrid Environment
- Work-life balance