Assistant Manager, Information Security GRC
Salary MYR84,000 - MYR120,000 per annum + Market Aligned
Location Kuala LumpurFULL_TIME
Consultant Pearly Toh
Job Ref 1854360/001
Date posted 20 September 2022kuala-lumpur tech-transformation/it-security 2022-09-20 2022-11-19 insurance Kuala Lumpur MY MYR 84000 120000 120000 YEAR Robert Walters https://www.robertwalters.com.my https://www.robertwalters.com.my/content/dam/robert-walters/global/images/logos/web-logos/square-logo.png
An exciting Assistant Manager, Information Security GRC job has just been made available at one of the one of the fastest growing general insurance companies in Malaysia. You will be ensuring the information security and technology risk governance within the business is operating effectively and provide assurance that the risk is appropriately managed.
About the Assistant Manager, Information Security GRC Role:
Reporting directly to the CISO, you will be shaping the security governance framework and facilitate adoption of security controls to ensures the business maintains its compliance with all applicable legal, regulatory, and contractual requirements.
- Ensure technology governance processes are properly designed, functioning effectively, and maintains its compliance with ISO27001, PCIDSS, and Bank Negara Malaysia (BNM)’s RMIT requirements
- Reviewing, testing and attestation of information security policies, documentations, and control libraries. Validate security baseline configurations of systems and infrastructure. Evaluate performance of Information and Cybersecurity management by assessing effectiveness of the controls implemented
- Act as lead contact for internal and external audits relates to technology governance. Oversee technology risk register and coordinate remediation activities
- Assist in development, maintenance and implementation of technology controls and processes to streamline IT compliance and continuous improvement activities
- Perform various type of security and risk assessment (IT control assessment, application security, maturity, compliance, and risk) for projects and third parties. Track and monitor risk exceptions to ensure control deviations are identified and mitigating controls are in place
- Manage ongoing assessment actives, including, but not limited to, external Penetration testing by third parties and external risk assessment
- Manage cybersecurity awareness programme, which may include, but is not limited to, annual employee training, ongoing awareness campaigns and phishing exercise
- Ensure incidents and vulnerabilities are escalated and resolved in a timely manner. Assist in performing security risk assessments and produce recommendation for risk mitigation
- Be responsible for user access provisioning compliance which includes access rights, user roles or profiles, authorising and approving authorities. Periodic review of user access matrix
- Ensure access controls to enterprise-wide systems are effectively managed and monitored. Ensure activity logs is maintained and available for audit and investigation.
The successful Assistant Manager, Information Security GRC is a high-potential and motivated individual who goes the extra miles to make a difference while working closely with the business.
- Degree in information technology/security or related discipline
- ISO 27001 Certified Lead Auditor or Implementer qualification is a must
- CISSP, CISA, CISM in Information Security is an advantage
- Five or more years of experience in an Information Security Management predominantly in Governance, Risk and Compliance role
- Experience in implementing security governance frameworks, control standards and architecture mainly NIST, ISO27001, PCIDSS, CIS, ITIL, COBIT and RMIT
- Knowledge of emerging technologies mainly Cloud, Big Data, AI and Third-Party Security Assurance is highly desired
- Knowledge of Information Security technologies (i.e. firewalls, IDS/IPS, DMZ, data protection controls ie. DLP, user access controls i.e. IAM, PUAM, Advanced Persistently Threat, Security Operations Centre (SOC), Security configuration review, penetration testing and vulnerability assessment
- Ability to appropriately balance Information Security needs with business impact and benefits. Ability to team well with others to facilitate and enhance the understanding and compliance to security policies
- Strong interpersonal, communication and influencing skills with the confidence and ability to operate effectively at all levels.
- Experience preparing and providing executive level statuses and presentations using MS PowerPoint, Visio and Excel. Experience producing reference documentation for technical or business reference
- Effective interpersonal skills and the ability to thrive in a team environment
- Analytical and programme management skills
This renowned general insurance company has an outstanding reputation in its field and great value is placed on training and development. The scope of the offer, the size of business, the freedom and autonomy to drive your career forward all add up to a great place to work.
If you have what it takes, is passionate and want to elevate yourself into senior management, this is an excellent opportunity to work with an industry leader that is constantly breaking new ground. Great career opportunities await the right person in this exciting Assistant Manager, Information Security GRC role.
Apply today or email me at firstname.lastname@example.org to discuss this new opportunity.
Do note that we will only be in touch if your application is shortlisted.
Agensi Pekerjaan Robert Walters Sdn Bhd
Business Registration Number : 729828-T
Licence Number : JTKSM 423C
Salary: MYR8,000 - MYR12,000 per month + Market AlignedLocation: Kuala LumpurDate posted: 26 September 2022An exciting in-house Database Administrator (Oracle/Mongo Server) job opportunity has just become available at one of the top financial services companies based in Kuala Lumpur.
Salary: Market AlignedLocation: Kuala LumpurDate posted: 25 September 2022A new IT Senior Executive (SAP) job has recently become available at a reputable conglomerate.
Salary: Market AlignedLocation: Kuala LumpurDate posted: 15 September 2022A start up is recrutiing for a Senior Software Tester job while building a IT centre that focuses on developing solutions for a better tomorrow, redefine financial inclusivity to serve the underserved in our society. The company's IT centre will comprise a team of software engineering and technology experts based in Kuala Lumpur and serve as a Centre of Excellence in the region.
Salary: MYR120,000 - MYR144,000 per annum + Market AlignedLocation: Kuala LumpurDate posted: 14 September 2022An exciting IT Security Specialist job has just become available at one of the largest Japanese multinational automotive manufacturers based in Malaysia. You will be responsible for implementing and monitoring security measures for the protection of the company’s computer systems, networks, and information.
Salary: MYR60,000 - MYR120,000 per annum + Market AlignedLocation: Kuala LumpurDate posted: 09 September 2022An exciting Senior Cybersecurity Consultant job has just become available at a global IT consulting and multi-product online trading service provider based in Malaysia.