JOB PURPOSE:
The position is responsible for defining, implementing, and continuously improving enterprise-wide cybersecurity requirements and governance. This role is responsible for leading and enabling risk-informed decision making for the overall cybersecurity landscape by utilising a risk-led and threat-informed approach. It is expected that all definitions and communication of cybersecurity governance across the enterprise should include timely management reports on security posture and controls applied.
PRINCIPAL ACCOUNTABILITIES:
1) Implementation of a cybersecurity framework in accordance with industry standards and best practices, to ensure it meets acceptable industry standards and provides reasonable assurance of the security of the computing environment. This encompasses the entire enterprise ecosystem, which is made up of IT, OT, and IoT.
2) Manage and direct cybersecurity operations, including internal and external stakeholders. Produce and give cybersecurity governance reports as necessary.
3) Consistently monitor and stay aware of industry standard best practices, such as NIST, and conduct gap analysis on current governance.
4) Maintain and enforce IT-related corporate policies and SOPs to ensure proper governance and compliance.
5) Liaise with other departments such as risk management, quality management, administration, SHE and external parties such as external auditors, security solution providers and industry practitioners to carry out the relevant governance and security activities.
6) Develop soft skills and technical competencies required for team members for them to perform current tasks for sustainable capabilities and continuous improvement.
7) Manage periodic security activities such as awareness & training program and vulnerability management.
8) Provide consultancy or advisory services to other business units pertaining to IT governance, policy, standards, SOPs and security considerations when required.
9) Develop and maintain the DRP / BCP together with other relevant business units and coordinate the periodic testing in order to be prepared if actual recovery activities need to be carried out.
QUALIFICATIONS, EXPERIENCE, SKILLS AND COMPETENCY:
- Previously held a role in cybersecurity with a proven track record in cyber risk management and governance.
- Bachelor's Degree in IT, ICT, MIS, Computer Engineering or a related field, with a minimum of seven (7) years of related working experience.
- Excellent written and verbal communication abilities, capable of being comprehended by both technical and non-technical personnel.
- Certifications such as CISSP, CISA, CISM or similar are advantageous.
- In-depth knowledge of relevant industry standards or frameworks such as NIST, CoBIT, ISO/IEC 27k, ITIL, etc.
- Experience in security operations and/or IT/OT/IoT infrastructure.
- Able to manage stakeholders with the ability to influence at both technical and non-technical levels.
Job Types: Full-time, Contract
Contract length: 12 months
Pay: RM10,000.00 - RM12,000.00 per month
Application Question(s):
In-depth knowledge of frameworks such as NIST, CoBIT, ISO/IEC 27k, ITIL, etc.
Experience in security operations and/or IT/OT/IoT infrastructure.
Certifications such as CISSP, CISA, CISM or similar are advantageous.
Experience:
Cyber Security: 7 years (Required)
Language:
English (Required)
Work Location: In person