Senior Specialist, Security Lab

Add expected salary to your profile for insights
Assist Head of Department in planning and implementing strategies for the existing and new products/services and any assigned task for new projects related to the development, enhancement, and implementation of PayNet Certify products/services.
KEY AREAS OF RESPONSIBILITIES
Evaluates, drives and facilitates the implementation of strategic business plan for new products/services.
Prepares project plans and proposals which would enhance the business process and operations for existing products/services.
Monitors the department's business performance on a regular basis in order to achieve the target as stipulated in the business plan.
Prepares management reports and analyses for monitoring of expenses and revenues.
Lead the presentation for matters related to product awareness e.g.
Product/Services briefing, training and etc.
Responsible to execute any task assigned by the Head of Department.
Responsible to establish the relationship, alliance and marketing management with new and existing stakeholders i.e.
Financial Institutions, BNM, Governmental agencies, solution provider, scheme owner and other relevant authorities.
Security Lab Operations
Ensure Security Lab process and responsible on the effectiveness of the Security Lab operations as well as to ensure compliance towards the Service Level Agreement (SLA).
Responsible to ensure the test laboratory equipment performance are being assessed and monitored at all times.
Responsible to ensure the quality check of any testing products are performed at all times.
Accountable on implementation, maintenance and improvement of the management system.
Accountable to identify any deviations from the management system or procedures related to laboratory activities and to take immediate actions to prevent or minimize such deviations.
Ensure compliance to the ISO17025 (general requirement for the competence of testing and calibration laboratories) and other related standards, regulations and requirements (e.g.
PayNet Information Security Policy) on matters related to test laboratory operation, processes and its systems;
Ensure the performance of management system and its improvement are reported to laboratory management;
Responsible to ensure the appropriate checklist is in accordance with the technical requirement and/or test plan.
Accountable in managing the test implementation plan as stipulated in the business plan.
Prepares and consolidates the progress update as well as to report any issue/problem on a regular basis;
Accountable to conduct research and development for test laboratory operation improvement and other relevant areas.
Accountable to ensure all test reports/results and other relevant documents are well kept and documented for easy retrieval by the team and as evidence for confidentiality, integrity and availability of archived information; and
Ensure all customer complaints and feedback are properly managed and recorded.
Assist supervisor in project management on the implementation of new and enhanced initiatives involving:
PayNet's internal and inter-departmental resources.
Financial Institutions through the formation of Business, Operations and Technical Steering/Working Committees; and
Progress updates to Management, Steering/Working Committees and relevant authorities.
Continuously assist in business support/ownership of existing products/services:
Conduct meetings and monitor the agreed requirements of service level agreements with participants.
Responsible in business support and certification services:
Perform technical acceptance test and prepare the certification in accordance to the established standards and procedures.
Perform technical feasibility study, evaluate and analyze user requirements.
Perform evaluating and reviewing vendor proposals and solutions proposed.
Ensure the implementation of projects and enhancements.
Ensure in planning, gathering, analyzing and managing user requirements to recommend solutions to business users; and
Ensure the reporting and escalations process during the testing cycles are adhered to i.e.
monitor the testing schedule.
Review performance of existing products and services
Review reports on product/service performance in a timely manner;
Investigate and resolve exceptional issues on product/service performance; and
Escalate in a timely manner unresolved issues with recommended solutions to superior.
Change Management
Prepare documentation for any change management required;
Assist to develop user/functional requirements;
Assist to develop and ensure the user acceptance test scripts and test results are consistent with expected results based on user requirements; and
Assist to respond to any raised Change Request/Service Request on new or enhanced product/services in accordance to the information technology standards;
Operations Manual / Rules and Regulations
Provide input for the development of any new or enhanced procedures for incorporation into the Operations Manual or Rules and Regulations; and
Ensure all relevant parties are updated of any changes to the Operations Manual/Rules and Regulations in a timely manner.
Research and Survey
Conduct independent and assigned research/survey to be aware of opportunities, challenges, risks and threats.
Technical consultation and advisory services
Assist to provide technical consultation services and support on financial smart card application and key management related areas;
Assist to provide advisory services to vendors on smart card application development.
Assist to resolve technical problems escalated by internal and external customers in a timely, effective and efficient manner.
Product and Market Knowledge
Knowledge of market trends (e.g.
payment industry landscape) and relevant guidelines (e.g.
technical standards, security standards).
Knowledge of stakeholders' (e.g.
participants, TPAs, card manufacturers, terminal manufacturers, solution providers and vendors) products and its structure (e.g.
product architecture).
Leverages on market intelligence (e.g.
industry landscape) and product knowledge (e.g.
innovative payment methods) to formulate/improve appropriate guidelines/enhancements (e.g.
operations manual).
Customer Relationship Management
Knowledge of stakeholders' (e.g.
participants, TPAs, card manufacturers, terminal manufacturers, solution providers and vendors) organization, industries and key developments (e.g.
new industry standards, new products).
Provides services (e.g.
certification services, technical advisory support and key management business) to stakeholders based on applicable guidelines.
Maintains customer relationships (e.g.
support, advisory and guidance, query handling) and identify potential business opportunities (e.g.
initiatives to expand market reach).
Anticipates difficult customer situations and handles them accordingly.
Laboratory Operations
Knowledge of company's certification lab operational procedures (e.g.
Quality Manual/Standard Operating Procedure).
Monitors the compliance of operational procedures (e.g.
technical standards, Certification requirement) in accordance to the applicable guidelines (e.g.
quality manuals, PURE Specification, MCCS Specification, EMV Specification, Lab SOPs).
Proposes and implements suggestions for the improvement of existing lab procedures (e.g.
Lab SOPs).
Possess knowledge of:
i. PCI Standards
ii.
Cryptography and key management concept
iii.
Information security and risk management concept
iv.
International security standard
Systems and Application Testing
Knowledge of testing concepts, methodology and know-hows (e.g.
test script methodologies).
Develops testing and evaluation methods (e.g.
automated scripts) for stakeholders' products.
Evaluates stakeholders' products (e.g.
acceptance devices, cards) against designated test tools and plans.
Proposes and implements suggestions for the development/improvement of new/existing testing methodologies (e.g.
new test cases & scenarios).
Technical Support & Advisory
Knowledge of technical specifications of industry standards (e.g.
EMV, Global Platform, PCI, ISO, PURE).
Advises relevant stakeholders (internal and external) on the technical aspects of stakeholders' products (e.g.
financial smart card application, key management business).
Develops and improves technical specifications for products (e.g.
user/functional requirements) in accordance to established industry standards (e.g.
EMV, Global Platform, PCI, ISO, PURE).
General
Understands and applies controls effectively to manage key risks and provides suggestions to improve the controls, wherever possible.
Promptly escalates risks and incidents to senior management in accordance to existing procedures.
Comply with relevant regulations, guidelines and procedures.
On appointment as Primary/Alternate RCO
Proactively support the development, management and prompt risk reporting of the Enterprise Risk Management and Business Continuity Management (BCM) Framework/Policy/Procedures for the department/function and sign off on all risk related documentation.
Proactively support the identification, monitoring, reporting and implementation for the compliance of relevant regulations and guidelines applicable to the department/function.
QUALIFICATIONS & EXPERIENCE
Degree in IT/Information System/Security or its equivalent.
Experience in field of security certifications i.e.
Common Criteria, EMVCo, Global Platform from the laboratory perspective.
A minimum of 2 years working experience in IT project, implementation in business strategies and experience in product development formulation.
Organized, structured and able to multitask.
Able to work independently.
Strong communication skills, written and verbal in English.
Other languages are an added advantage.
Possess leadership qualities, aggressive and result-oriented.#J-18808-Ljbffr