Job Description
POSITION GENERAL SUMMARY
- Directs strategy, operations and the budget for the protection of the enterprise information assets and manages that program. Drives the cybersecurity strategy and its implementation forward whilst protecting the business from security threats and cyber-hacking.
- Responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected. Works with executive management to determine acceptable levels of risk for the organization. Serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies.
ESSENTIAL POSITION FUNCTIONS
- Direct and approve the design of security systems;
- Ensure that disaster recovery and business continuity plans are in place and tested;
- Review and approve security policies, controls and cyber incident response planning;
- Approve identity and access policies;
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
- Maintain a current understanding of the IT threat landscape for the industry;
- Ensure compliance with the changing laws and applicable regulations;
- Translate that knowledge to identification of risks and actionable plans to protect the business;
- Schedule periodic security audits;
- Oversee identity and access management;
- Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;
- Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring;
- Provide training and mentoring to security team members;
- Constantly update the cyber security strategy to leverage new technology and threat information;
- Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget; and
- Communicate best practices and risks to all parts of the business, outside IT.
Key Challenges
- To ensure understanding and involvement from all levels of management and employees
- To get top management commitment in compliance activities
- To get all staff and management to adhere to policies, procedures and internal control
Education
External
- Degree, preferably with specialization in a computer science-related discipline, and equivalent work experience required. Industry certification such as CISM, CISSP, GCIH and/or any other industry certification preferred.
Relevant Industries
External
- Degree holder with minimum 3.0 CGPA or equivalent with minimum 7 years relevant experience in a management role.
- Minimum 5 years of managing cybersecurity and risk management
Additional Information
Open for Malaysian citizens only.
Please be reminded that only online applications will be entertained.
Applications should reach us by 28 January 2025.
Only the shortlisted will be notified.
Job Segment: Cyber Security, Information Security, Risk Management, Computer Science, Manager, Security, Technology, Finance, Management