KAF Investment Bank Bhd WP.
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
Senior Manager, Group HR, Recruitment & TrainingThe Information Security Manager is responsible for the oversight of the Information Security aspect for the digital bank, and responsible for the execution of the Bank's Information Security, Data Governance and Business Continuity Programs.
Responsibilities
Develop, implement and monitor a strategic, comprehensive enterprises information security program to ensure the integrity, confidentiality and availability of data
Document and maintain a risk assessment framework covering information security, data governance and business continuity
Develop and maintain information security policies, standards and guidelines
Oversee the approval, training and dissemination of information security policies, standards and guidelines
Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
Manage security incidents and events to protect corporate assets, including intellectual property, regulated data and the Bank's reputation
Partner with the Enterprise Risk Management to define standards and processes and provide subject-matter expert to oversee vendor information security risk and periodic audits of third-party service providers' information security and business continuity controls
Provide regular and consistent reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of the strategic enterprise program
Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls
Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings
Develop and manage information security budgets, and monitor for variances
Responsible and accountable for the day-to-day implementation and management of the Information Security Program
Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the Bank
Lead information security awareness and training initiatives to educate workforce about information risks
Lead an incident response team to contain, investigate and prevent future IT security breaches
Review and verify on a daily, weekly and monthly basis user access to applications and systems
Develop and oversee effective business continuity and disaster recovery policies and standards to align with enterprise business continuity management programs goals.
Coordinate the development of implementation plans and procedures to ensure systems are recovered in the event of a security event
Serve on and support the efforts of the IT Steering Committee
Address questions from internal and external audits and examinations
Analyse and track reports of inappropriate use of the technology and institutional/personal information, including IT security incidents, and guide the investigation and resolution of such incidents
Responsible for the direction, coordination, implementation, executive, control and completion of strategic projects, while remaining aligned with strategy, commitments and goals of the organization
Qualifications
Must have 10+ years' experience in banking information security with 5 years in a leadership role
Must have 10+ years' experience in IT
Must have extensive knowledge in RMiT, CTRAG or privacy and data protection laws, related BNM regulation and requirements, and industry best practices
Strong presentation and written communication skills and the ability to analyse and make effective, business-centric recommendations to senior management and Board of Directors
Experienced developing a comprehensive security program including risk assessment framework
Working experience in project management
Must have security certification such as CISM, CISSP, CCISO or equivalent
Seniority levelMid-Senior level
Employment typeFull-time
Job functionInformation Technology and Finance
IndustriesFinancial Services and Banking#J-18808-Ljbffr