Manage independent assessments and advisory relating to information security-related risks to management, MRC, BRMC, SCC, ITGAC, ITSC, PSC and functional heads of business
Manage an independent assessment on information security risks and mitigation strategies pertinent to projects, initiatives, operational processes, outsourcing arrangements and systems design/architecture
Manage reporting to SEM information security governance committee on information security related matters pertaining to MCIS
Support main liaison point with BNM and LIAM regulators on matters pertaining to information security
Support relationship and expectation with BNM and articulate to the company the intention of the BNM’s rules and negotiate with BNM to apply the rule in the company practically
Risk
Manage implementation, review and revise frameworks, policies and standards on information governance, security, risk management, and compliance
Manage risks and non-compliance in accordance with MCIS Insurance’s defined risk management methodologies, and within defined risk appetites
Support main liaison in the 2nd line function, work in close consultation with the Head of Information Technology (1st line function) and independent auditors (3rd line function) to identify key risk areas for mitigation, or opportunities for improvement and derive value from IT initiatives and investments
Support oversight for the execution of security assessments by independent consultants including vulnerabilities and penetration tests, compromise assessment, internal Red-Team exercises and coordinate with IT to resolve issues identified
Manage works in close consultation with SEM counterparts to align MCIS’ risk management strategies pertaining to information security risks with Sanlam Group Strategy
Manage works with business functions to ensure information security-related risks are updated, and correctly tracked in accordance with defined methodologies
Manage promoting information security awareness, good governance and good practices across all functional departments
Manage keeping apprised of current and emerging technology risks which could potentially affect the company’s risk profile
Manage assurance that the company’s information assets and technologies are adequately protected
Support advising senior management on technology risk and security matters, including developments in the company’s technology security risk profile in relation to its business and operations.
Compliance
Manage review and compliance with relevant legal & regulatory frameworks, guidelines, circulars and memos from BNM and LIAM
Manage highlighting areas of non-compliance to senior management and establish compliance roadmaps to address gaps in compliance
Manage identifying instances of non-compliance and breaches in regulatory requirements and support established policies with relevant business units. Support highlighting such instances to senior management and relevant HODs for appropriate action
Manage promoting a strong and healthy compliance culture in the company by raising employee awareness of cyber threats arising from the latest technology developments and changes
Qualification
Candidates with one or more of the following certifications or trainings: PMP, ITIL, COBIT, CISA, CISSP, CISM, CRISC, CDPSE or CGEIT is required
Experience
Must have minimum 7 years working experience in information security, preferably with at least 3 years in the Financial Services or Insurance industry in a management or consultation capacity
Good working understanding of BNM regulatory requirements including (but not limited to) RMiT, PDPA 2012 and all relevant regulatory requirements and frameworks
Working experience with ISO27001, 27002, PCIDSS, Technology Risk Management/Cyber Security/Resilience Framework and other industry best practices
Interested candidates kindly send your updated CV to info@sixdegreeconsulting.com. For more updates on job opportunities: Like us at our Facebook Page https://www.facebook.com/SixDegreeConsulting. Follow our LinkedIn Page: LinkedIn – Six Degree Consulting (Executive Search & Payroll)