About the Team: Are you eager to elevate your career to new heights?
Join us for an exhilarating opportunity to pioneer our groundbreaking digital bank project, where boundless possibilities await!
We're thrilled to extend an invitation for you to join our vibrant team of visionaries, innovators, and trailblazers.
As a Security Governance & Assurance Lead of our digital bank project, we're not just offering a job; we're presenting an opportunity to be part of something extraordinary.
You'll collaborate closely with some of the sharpest minds in the industry, operating within a supportive and collaborative environment that fosters creativity and exploration.
Your next thrilling adventure awaits with our digital bank project.
Join us in shaping the future, today!
About the Role: Responsible for advising internal stakeholders on cyber risk universe, including but not limited to Confidentiality, Integrity, Availability risk dimensions.
Implement Key Control Indicators (KCIs) to actively monitor and track non-compliance in cyber security areas.
Escalate and track to closure identified non-compliances.
What You'll Do: Develop and maintain relevant cyber resilience standards, guidelines and procedures to meet regulatory and corporate compliance requirements.
Continuously monitor, track and ensure closure of technology and cyber security events, requests and submissions from generated tools, systems and users.
Conduct regular effectiveness testing of technology controls.
Track identified gaps and ensure that remediation meet internal compliance requirements or industry best practices.
Communicate regularly with business users and other lines of defense (within the enterprise risk framework) to better understand latest cyber compliance requirements.
Plan, control, review, allocate appropriate resources and ensure appropriate and comprehensive coverage of review.
Develop security baselines for the cloud technologies and infrastructure.
Identify key technology and cyber risks to the business operations, evaluate and test controls in place and identify areas for improvement to mitigate technology control issue/risk.
Collaborate to manage internal cyber risk events raised and corrective risk remediation plan.
Partner with cross-business/ functions teams as needed to identify and evaluate the non-compliance in the bank's digital processes, applications and outsourcing.
Lead, direct and assist with local information security and cyber security controls/compliance projects implementation, as required.
Establish cyber risk and compliance monitoring responsibilities and capabilities.
Support internal/external technology audits, and ensure timely audit and compliance reporting.
Plan, control, review, allocate appropriate resources and ensure appropriate and comprehensive coverage of review.
Develop security baselines for the cloud technologies and infrastructure.
Identify key technology and cyber risks to the business operations, evaluate and test controls in place and identify areas for improvement to mitigate technology control issue/risk.
Liaise with various level of management in the planning and conducting the security control reviews.
Manage and coordinate cyber related audits or inspections by internal audits, external audits and regulators.
Engage stakeholders to understand, manage and address risk incidents and operation, technology & cyber risks indicators.
Prepare periodic analysis and consolidated reports including security incident reporting to senior management.
What We're Seeking: Preferably with one or more of the related certifications in the areas of Cyber Security/Information Security – CISSP, CEH, CISM, Comptia CYSA+, GIAC GCFA, GCTI, GCIH and GREM or other relevant certifications Familiarity with industry cybersecurity frameworks and standards, such as NIST Cybersecurity Framework, ISO 27001, and CIS Controls, is necessary.
Understand the requirements and best practices outlined by these frameworks and be able to align security programs and practices accordingly.
Familiar with local regulatory requirements such as BNM RMIT, Paynet, PCI-DSS In-depth knowledge and understanding of cybersecurity principles, best practices, and technologies are necessary.
Have expertise in threat intelligence analysis, incident response, vulnerability management, and security operations.
Stay abreast with the latest cyber threats, attack vectors, and mitigation techniques.
Excellent communication and leadership skills are vital.
Able to effectively communicate complex technical concepts to both technical and non-technical stakeholders.
Have the ability to lead and motivate a team, collaborate with cross-functional teams, and provide guidance during security incidents.
Strong analytical skills and the ability to think critically.
Able to analyze and interpret security data, identify patterns, and make informed decisions.
Possess excellent problem-solving skills to address complex security challenges and incidents.
Given the rapidly evolving cybersecurity threat landscape, continuous learning and staying updated with emerging threats and technologies is crucial.
What We Value: Open-mindedness and constructive communication, fostering an environment of mutual support and growth.
Responsibility and ownership, with a strong sense of accountability.
Commitment to teamwork and achieving shared goals.
Customer focus and dedication to delivering results.
A proactive approach to leading change and innovation.
