We are looking for an experienced leader to provide the leadership to enhance, develop and implement the information security strategies and related policies within the financial services industry.
 

Mandatory Skill(s)

  • Degree in Computer Science, Information Systems, Engineering or equivalent professional qualifications;
  • 8 – 10 years of working experience in designing and implementation of information security, policies and procedures, protection and management framework;
  • Demonstrated working knowledge of technology processes, security policies, standards, controls, and risk measurements;
  • Proven track in identifying/tracking the risk on outsourcing mainly cloud arrangement (PaaS, Iaas, SaaS);
  • Experience in performing Vulnerability Assessment, Penetration Testing and mitigating controls;
  • Experienced in performing IT Audit and reviewing IT controls, framework, policies and standards;
  • Strong understanding and experience in end to end business system implementation;
  • Excellent communication skills and emotional intelligence to influence key decisions, mediate conflicts and build consensus;
  • Pre-empt any risks and mitigate any threats or problematic areas proactively;
  • Excellent communication, presentation, planning and organization skill.

Desirable Skill(s)

  • CISSP & CISM Certified;
  • CRISC Certified.

Responsibilities

  • Responsible to design information security, protection and management framework, guidelines and best practices for the organization;
  • Responsible to facilitate in the forum discussion to establish the information security goals and to develop appropriate cyber security risk assessment and risk acceptance;
  • Work closely with the various cross-functional teams to establish, formulate, institute and monitor the security policies, standards and procedures in line with the organization's cyber security directions;
  • Lead implementation of enterprise security improvement and compliance programs;
  • Review, endorse, align and ensure information security compliance with proper risk management and migration plans;
  • Involved in compliance and controls, self-assessment processes and documentation related tasks;
  • Provide advisory and technical consultancy on the appropriate cyber security solutions and technologies to be deployed;
  • Engagement with industry and conduct technology scans on the latest information security products and technologies.
Apply to this Job