Location: Petaling Jaya
Industry: Financial Services – Insurance
Position Level: Managerial, Specialist Role
Remuneration: Pays up to RM13,000
About your New Employer:
Our client is one of the leading Life Insurance & Investment companies in Malaysia. As part of an international financial services group, the client offers a range of life insurance products in Malaysia including endowment plans, investment-linked plans, term life plans, and medical plans.
Your New Roles & Responsibilities:
You will take on the role of Manager of IT Governance, Risk & Compliance.
Governance
- Provide advice on information security-related risks to business heads and stakeholders, including developments in the company’s technology security risk profile in relation to its business and operations.
- Perform independent risk assessments and develop mitigation strategies relevant to information security risk including initiatives, processes, outsourcing arrangements, system designs or architecture etc.
- Timely reporting to the Information Security Governance Committee
- Act as the contact point with the BNM & LIAM regulators for information security-related programs, and as the communicator between the regulator and the organization to ensure smooth implementation of the acts & procedures
Risk
- Review, revise and implement frameworks, policies and procedure standards for information governance, security, risk and compliance
- Attend to and resolve risks and non-compliance in accordance with the organization’s defined risk management methodologies and within defined risk appetites
- Act as the 2nd Line Function, working collaboratively with the Head of Information Technology (1st Line Function) and the independent auditors (3rd Line Function) to identify key risk areas for mitigation and areas of improvement, and to derive value from IT initiatives and investments
- Manage and oversee the security assessments by the independent auditors, including vulnerability & penetration tests, compromise assessments, and internal Red-Team exercises.
- Work in coordination with the IT team to resolve any potential issues that arise.
- Work closely with the SEM counterparts to align the organization’s risk management strategies pertaining to information security risks with the business direction
- Collaborate with multiple business units to ensure information security-related risks are updated, and correctly tracked in accordance with defined methodologies
- Promote information security awareness, ensure good governance and good practices across all functional departments
- Keep abreast of current and emerging technology risks that might potentially affect the company’s risk profile
- Ensure the company’s information assets and technologies are properly maintained and secured
Compliance
- Monitor and review all legal & regulatory frameworks, guidelines, circulars and memos from the BNM & LIAM pertaining to Information Security
- Develop compliance roadmaps to ensure adherence to the regulations and
- Address breaches and non-compliance to the senior management and develop compliance roadmaps to address the issues
- Manage any non-compliance in the business units
- Promote a strong and healthy compliance culture in the company by creating awareness of cyber threats
Criteria to Meet:
- Candidate must possess at least one of the following qualifications/certifications: PMP, ITIL, COBIT, CISA, CISSP, CISM, CRISC, CDPSE or CGEIT
- At least 7-8 years of working experience in total, with a minimum of 2-3 years of experience working in financial services in a management/managerial/advisory capacity
- Profound understanding of the BNM’s information security regulations such as RMiT, PDPA, and all relevant IT requirements and frameworks
- Expertise in ISO 27001, ISO 27002, PCI DSS, Technology Risk Management/Resilience Framework and other industry best practices will be an added advantage
Interested candidates kindly send your updated CV to info@sixdegreeconsulting.com.