Job Description

\xef\xbb\xbf

Our client is the Industry Leader in Cyber Security services and solutions. Established in 2008, the company is CREST Accredited for the provision of Penetration Testing (Pentest) services and also a been awarded with Malaysia Digital (MD) Status company

Position: Manager - Information Security

Reports to: CTO

Location: Kuala Lumpur

Responsibilities:

\xc2\xb7 Lead and implement information / IT security engagements for clients.

\xc2\xb7 Provide expert advice, guidance and support on information security. This could be on technical or process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management).

\xc2\xb7 Provide experience and advice in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum.

\xc2\xb7 Identify, translate and capture business requirements and best practices for Information Security into technically feasible and user friendly deliverables and communicate to clients and their information security staff or regulators to achieve strategic alignment from internal and external stakeholders.

\xc2\xb7 Conduct training on information security solutions when required.

\xc2\xb7 Gain understanding of key customer and market issues, build opportunities, create proposals and make presentations to clients as required.

\xc2\xb7 Lead and manage teams, prioritize responsibilities and tasks in order to deliver quality and timely results and coach & motivate employees.

Requirements:

\xc2\xb7 Degree in any discipline and/or MBA from a recognised institution; IT Degree preferred.

\xc2\xb7 Minimum 8 years of working experiences in Information Security or IT security and IT systems and / or industry knowledge. Working experience in big 4 companies or multinationals is preferred.

\xc2\xb7 Experience in leading a team and in project management.

\xc2\xb7 Familiarity and experience with security standards and regulatory frameworks (e.g. ISO/IEC 27001, ITIL, BNM RMiT, MAS TRM Guidelines, PCI-DSS, etc.)

\xc2\xb7 Proven track record of delivering security projects on ISMS / BCP / IT DR / DLP / GRC / IAM.

\xc2\xb7 Proven experience in a particular industry such as financial services, telecom, government etc.

Skills:

\xc2\xb7 Must have at least two of the following security certifications CISSP, CCSP, SSCP, GSLC, GISP,

CISM, CRISC, CGEIT, CISA, ISO 27001 Lead Auditor, etc.

\xc2\xb7 Any additional security certifications Related certifications are a plus e.g. CISSP, CCSP, SSCP,

GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc.

\xc2\xb7 Good overall understanding of the information security roles and activities.

\xc2\xb7 Strong understanding of information security & regulatory standards/ frameworks; e.g. ISO/IEC27001,

\xc2\xb7 COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, BNM RMiT, MAS TRM Guidelines, etc.

\xc2\xb7 Good technical knowledge on at least five of the following areas:

o Data Security, Privacy, Classification and Data Loss Protection.

o IT Disaster Recovery Planning and Business Continuity Management.

o Network security architecture, management and controls including firewall, routers, IPS etc.

o Threat Intelligence & Advanced Persistent Threats (APT).

o Security Strategy and Roadmaps.

o Security Policy, Standard and Framework.

o Information Security Management Systems.

o Log Management and SIEM.

o Identity and access management solutions and implementation.

o Cloud security.

o Governance, Risk and Compliance (GRC).

\xc2\xb7 Good project management skills.

Sub Specialization : Information Technology;IT Security
Type of Employment : Permanent
Minimum Experience : 8 Years
Work Location : Kuala Lumpur

EPS Consultants