Overview

• Salary

  7,000 MYR ~ 12,000 MYR

• Industry

  Finance(Other)

• Job Description

  • Lead the IT Security team in IT System/Infrastructure Security; implement and monitor security measures for the protection of business application systems, networks and information to ensure that all IT related security components are implemented in accordance with the compliance against Global Information Security Group Guideline/Standards, Statutory Legal and Regulatory requirements.
  • Lead & participate together with the team responsible on patch & vulnerability management. To monitor, analyse and response to daily system alerts/logs from various internal/external source/soc; conduct correlation/forensic analysis, determine possible causes of such alerts, flag suspicious events, identify abnormalities and report violations; resolve internal/external escalation within agreed SLA, provide technical supports, lead the Security Incident Response Team, develop counter measure/strategies to respond to and recover from security breach, document the incident & take appropriate action accordingly.
  • Lead & conduct regular self-assessment to assess company’s IT security maturity levels, analyze security threat landscape & future requirement by working with relevant party to establish short/long term IT Security Strategy that is aligned with company, IT and/or Global Information Security Group strategic, goals, direction and budgetary considerations. Accountable to lead, evaluate, implement, maintain and support IT Security related systems/devices/projects, minimize IT security risks exposure and enforce IT Security related control, compliance & governance across the company.
  • Serve & being the in-house technical/security subject matter expert to assess, advice and discuss with relevant business system owners/users, IT team, vendor and/or regional team to ensure IT Security related control requirements on the new/enhance system are well-designed and implement according to Global
  • Information Security Group Standards/baseline, local regulatory and best practices. Manage exceptional request. Coordinate with vendor on 3rd part Penetration Testing, Source Code Scanning for new and/or major enhanced system/projects and ensure highlighted issues/gaps are closed prior to system/project go-live.
  • Oversee, facilitate and interacts with internal and external audit engagement, facilitate remediation based on agreed recommendation and associated risks pertaining to Global Information Security Group and/or any others local regulatory requirement. Periodical tracking and follow-up with relevant party to ensure Audit and compliance gaps are address and rectify according to committed timeline.
  • Establish, maintains IT Security Awareness &Training. Review and ensure IT security related policies, procedures and guidelines are up to date. Keep abreast of industry standards, frameworks, technologies & recommend improvements wherever is necessary. Take the lead to plan and conduct monthly, quarterly IT Security related reporting & meeting with management and/or Regional CISO.