Job Description

Information Security GRC Officer What\'s on offer: Job Type: Permanent Industry: Payments / Fintech Location: Kuala Lumpur, Malaysia Competitive Compensation and Attractive Benefits Job Details: We are looking for passionate technology cybersecurity professionals with Governance, Risk and Compliance (GRC) management experience to be part of the Information Security team. : Define, manage, and update company\'s information security policies, standards, and processes in coordination with different business functions to protect infrastructure, business-critical data, and customer information. Ensure policies are consistently applied across the company and monitor adherence to the defined governance principles to ensure expected value is delivered. Develop and maintain relationships with Business and Technology stakeholders to understand current challenges, establish a GRC framework to manage risk and compliance levels. Work closely with Compliance, Data Privacy and Legal team on new project security reviews, including cybersecurity risk evaluation, assessment, treatment, monitoring to assure high risks are mitigated to acceptable level, and help stakeholders make well-informed decisions. Liaise with Compliance and various Technology teams on regulator inspection, external audit, security certificate programs, and internal audit projects to assure compliance with financial regulations. Communicate and report to senior management, present security risks and recommendations in regional Risk Management Committees (RMC) and board meetings. Requirements: BS/MS in Computer Science / Cybersecurity with 5 years and above relevant experience in cyber security or information technology risk management in the financial industry. Demonstrable experience in security compliance programmes. Experience maintaining information security standards and regulations such as PCI DSS, ISO27001, GDPR, PSD2, SWIFT CSP, and MAS TRM guidelines. Excellent relationship building and communication skills with the ability to engage people from diverse cultures and different levels. Strong stakeholder management skills, working across the Southeast Asia business and China teams to leverage knowledge and resources from this network to get things done. Good knowledge of cloud computing, networking, OS, and its security aspects. Preferably with either CISSP, CISA, CRISC certification. Excellent command of both spoken and written English and Mandarin Chinese to communicate with our Mandarin speaking stakeholders. 2023 Basecamp. All rights reserved. Base Camp Recruitment PTE Ltd EA License: 19S9816 Reg No: R1986523

foundit