Responsible for both information security & cybersecurity of the organization.
Assist the Head, Information Security & Data Governance to drive and implement the organization's internal cybersecurity plan / roadmap.
Assist in developing, updating and direct implementation of security standards and best practices for the organization.
Day-to-day IT Security operations: Implementing and overseeing strategies to assess and mitigate security risk, thus safeguarding the organization and its information assets.
Ensuring the organization's compliance and adherence with regulatory, internal, national regulations in areas of information security & cybersecurity.
Respond, resolve, follow-up & report on all IT Security related incidents.
Maintenance of accurate security records, by ensuring Regular & ad-hoc review and analysis of log files of critical systems, to audit user access & activities.
Maintains, retrieves, compiles relevant IT Security related documentations, and further assist interna l requests from regulators, auditors, management etc.
Participation, involvement, overall support & coordination in annual cybersecurity simulation activities.
Review and manages security updates, patches, policies & vulnerabilities assessment on systems managed.
Provide regular updates, alerts and sharing through internal channels on IT Security updates, awareness, best practices, security risks & incidences to internal Management & supported user groups.
Maintains & responsible for IT Security hardening guidelines, security compliance & assessment checklist.
Engage & work with Group Information Security & Data Governance on security best practices, policies, processes, governance & strategy alignment.
Assist the Head, Information Security & Data Governance in preparing regular and ad-hoc reporting, or presentation to Management, on matters of IT & Cybersecurity updates, gaps, recommendation, and awareness.
Years of Relevant Experience:
Minimum 5 years and above working experience in IT Audit / IT Security or Information Security.
Education Qualification(s):
Bachelor's degree in IT or related field.
Professional qualifications such as CISA, CISM, CISSP or equivalent are preferred.
Personal attributes:
Ability to grasp and follow set procedures in a meticulous manner.
Demonstrate high motivational levels, trustworthiness and professionalism.
High degree of initiative, dependability and ability to work with little supervision.
Excellent verbal and written communication skills in English.
Engage other teams/units to share information and solve issues and problems jointly.
