Associate Risk Analyst, Cybersecurity RiskSkip to content
Contribute to the identification and mitigation of financial industry's cyber risks by undertaking continuous horizontal surveillance of cyber threat landscape and monitoring of financial institution (FI)'s technology adoption and utilisation strategy.
Conduct thematic review on the risk management practices of identified cyber risk areas and assist in providing technical risk assessment of financial institutions'/ fintech companies' technology adoption, as well as contribute to the development of cyber security policy requirements in order to strengthen the cyber resiliency of the financial industry.
PRINCIPAL ACCOUNTABILITIES
Assist in performing an industry horizontal assessment of adopted cyber risk management models, methodologies or practices with the aim to uncover common practices and potential gaps or issues;
Assist in facilitating an industry-wide cyber risks improvement programs that aims to continuously strengthen the robustness of FIs' risk cyber risk defenses;
Contribute to the development of effective advanced surveillance infrastructure and tools for early detection of emerging cyber risks to facilitate macro, as well as micro level monitoring;
Assist in the review and development of related cyber risks policy documents to ensure pragmatic implementation of regulatory policies;
Provide technical input on the cyber risk management in FIs' digitalisation strategy to adopt new, unfamiliar and emerging technologies or continued operation of their legacy solutions in order to ensure timely detection of potential cyber security risks;
Contribute to the preparation of training materials and training exercises for capacity building and strengthen supervisors' knowledge and competencies in cyber risk management;
Assist in establishing and maintaining strong collaboration with relevant stakeholders to strengthen cyber risk collaboration infrastructure and sharing of cyber threat intelligence and best practices;
Assist in building strong collaboration internally and externally in obtaining and providing information necessary to facilitate continuous surveillance and effective supervision of cyber risk;
Assists in providing feedback/inputs/expertise to other departments in the Bank on policy developments, projects, etc., whenever needed; and
Undertakes other ad-hoc assignments, when assigned.
CRITICAL SUCCESS FACTORS :
Knowledge of both Supervisory Risk-Based Framework (SuRF) and macro surveillance function;
Technical knowledge of current and emerging cyber security risks and their associated risk management best practices;
Knowledge of legal and regulatory requirements relating to cyber security;
Timely identification of potential vulnerabilities and emerging cyber risks affecting the financial industry and undertake timely and pre-emptive or corrective measures;
Effective internal and external stakeholders' collaboration;
Adequate and technically competent resources;
Effectiveness of surveillance tools.
SKILLS / KNOWLEDGE :
Candidate must obtain 5 credits in Sijil Pelajaran Malaysia (SPM) for subjects including Bahasa Melayu, English and Mathematics.
Academic Qualifications: A postgraduate/undergraduate degree in information technology related disciplines, with primary focus on IT security and/or cybersecurity. Professional certifications related to information systems security, auditing, control, assurance and risk management such as Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP) or Certified Ethical Hacker (CEH) is also preferable and will be given due consideration.
Experience: 3 -5 years experience in IT security and/or auditing, within the context of the financial industry is preferable.
ONLY SHORTLISTED CANDIDATES WILL BE NOTIFIED
Your application will include the following questions:
Which of the following statements best describes your right to work in Malaysia?
Which of the following types of qualifications do you have?
How many years' experience do you have as a Cyber Security Associate?
What's your expected monthly basic salary?#J-18808-Ljbffr