Job Description

Our client is the Industry Leader in Cyber Security services and solutions. Established in 2008, the company is CREST Accredited for the provision of Penetration Testing (Pentest) services and also a been awarded with Malaysia Digital (MD) Status company Position: Manager - Information Security Reports to: CTO Location: Kuala Lumpur Responsibilities: . Lead and implement information / IT security engagements for clients. . Provide expert advice, guidance and support on information security. This could be on technical or process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management). . Provide experience and advice in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum. . Identify, translate and capture business requirements and best practices for Information Security into technically feasible and user friendly deliverables and communicate to clients and their information security staff or regulators to achieve strategic alignment from internal and external stakeholders. . Conduct training on information security solutions when required. . Gain understanding of key customer and market issues, build opportunities, create proposals and make presentations to clients as required. . Lead and manage teams, prioritize responsibilities and tasks in order to deliver quality and timely results and coach & motivate employees. Requirements: . Degree in any discipline and/or MBA from a recognised institution IT Degree preferred. . Minimum 8 years of working experiences in Information Security or IT security and IT systems and / or industry knowledge. Working experience in big 4 companies or multinationals is preferred. . Experience in leading a team and in project management. . Familiarity and experience with security standards and regulatory frameworks (e.g. ISO/IEC 27001, ITIL, BNM RMiT, MAS TRM Guidelines, PCI-DSS, etc.) . Proven track record of delivering security projects on ISMS / BCP / IT DR / DLP / GRC / IAM. . Proven experience in a particular industry such as financial services, telecom, government etc. Skills: . Must have at least two of the following security certifications CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, ISO 27001 Lead Auditor, etc. . Any additional security certifications Related certifications are a plus e.g. CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc. . Good overall understanding of the information security roles and activities. . Strong understanding of information security & regulatory standards/ frameworks e.g. ISO/IEC27001, . COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, BNM RMiT, MAS TRM Guidelines, etc. . Good technical knowledge on at least five of the following areas: o Data Security, Privacy, Classification and Data Loss Protection. o IT Disaster Recovery Planning and Business Continuity Management. o Network security architecture, management and controls including firewall, routers, IPS etc. o Threat Intelligence & Advanced Persistent Threats (APT). o Security Strategy and Roadmaps. o Security Policy, Standard and Framework. o Information Security Management Systems. o Log Management and SIEM. o Identity and access management solutions and implementation. o Cloud security. o Governance, Risk and Compliance (GRC). . Good project management skills.

foundit