Lead Specialist, Third Party Security Risk

Details of the offer

Lead Specialist, Third Party Security RiskGX Bank Berhad - the Grab-led Digital Bank - is the FIRST digital bank in Malaysia, approved by BNM to commence operations. We aim to leverage technology and innovation to serve the financial needs of the unserved and underserved individuals, and micro and small medium enterprises.
We are driven by our shared purpose and passion to bring positive transformation to the banking industry, starting with solutions that address the financial struggles of Malaysians and businesses.
Get to know the Role:
As a cyber security engineer, you will find issues before an attacker does and recommend how to fix them to avoid future vulnerabilities. You may also perform social-engineering and client-side attacks involving simulating real attacks to assess the risk associated with the potential security breaches.
The Day-to-Day Activities:
Lead the Third Party Security Risk workstream within the 2nd line of defence under Technology & Cyber Risk team.
Work with procurement and contract owners to clarify the inherent risks posed by service providers to the bank based on technology service engagement.
Maintain and update third party security questionnaires based on prevailing regulatory requirements and industry best practices.
Take part in contract negotiation and clarify these mandatory requirements where needed, balancing between business and security requirements.
Document and track ongoing third party security assessments results until closure and report or escalate promptly on high risk gaps.
Deliver the agreed KPI related to the role and responsibilities.
The Must Haves:
5+ years of experience, preferably in risk management, IT audit, information security and IT related roles in technology and/or finance.
Knowledge of cloud environments or prior experience working with public cloud services (e.g., AWS).
Advanced understanding of:Cyber and IT security risk, threat, and prevention measures.
Security incident management, malware management and vulnerability management processes.
Network security technologies, networking principles and common internet protocols.
Data security.Prior experience in reviewing SAS70, ISO27001, SOC 1/2, ISAE 3000, OSPAR framework, BNM RMiT, or MAS TRM.
Proficiency in English.
Self-starter with the ability to work under pressure and minimal supervision.#J-18808-Ljbffr


Nominal Salary: To be agreed

Source: Whatjobs_Ppc

Requirements

My - System Support Specialist (Risk Management)

Key Responsibilities: Liaise with various departments on all aspects of client trading Performing settings in MT4 Administrator and relevant systems Preparin...


Zeal Group - Kuala Lumpur

Published 21 days ago

Filenet Developer

Job Description: Job Title: FileNet Developer Job Mode: Contract Key Responsibilities: Design, develop, and implement custom FileNet applications and soluti...


Vdart Software Services Pvt. Ltd. - Kuala Lumpur

Published 21 days ago

Master Data Management Specialist

We never ask for payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached f...


Tmf Group - Kuala Lumpur

Published 21 days ago

Ai Filmmaker (100% Remote - Apac)

Join Tether and Shape the Future of Digital FinanceAt Tether, we're not just building products, we're pioneering a global financial revolution. Our cutting-e...


Tether Operations Limited - Kuala Lumpur

Published 21 days ago

Built at: 2024-12-23T20:28:27.812Z