Job Description

It\'s never been a more exciting time to join Vistra.At Vistra our purpose is progress. We believe that our clients have the power to change the world and to do great things for global progress, and we exist to remove the friction that comes from the complexity of global business - to help our clients achieve progress without friction.But progress only happens when people come together and take action. And we\'re absolutely committed to building a culture where our people can do just that.We have an exciting opportunity for you to join our team as Information Security Officer. Reporting to Information Security Manager, this full-time and permanent position is based in Bangsar South, Kuala Lumpur and offers regional coverage, allowing you to make a significant impact to our IT and its\' growth.Key responsibilities:

• Adhere, prioritize, plan, and execute risk and control assessment roadmaps through collaboration with technology, cybersecurity, legal, compliance, including the on-going resequencing of projects and assessments in the portfolio roadmap as priorities shift.
• Ensure that necessary security due diligence/risk assessment of our vendor/third-party portfolio is maintained.
• Act as the focal point for external auditor activity/assessments; customer security reviews
• Provide leadership and guidance on compliance with cybersecurity frameworks including NIST, ISO 27001/2, ISAE and experience with regulations like China CSL, GDPR, PDPA etc. an advantage.
• Facilitates the processes necessary to ensure that we have effective disaster recovery (DR) & business continuity (BCP) to overcome technology disruptions.
• Update our security risk register reflecting learnings and opportunities identified
• Continuously evaluate the organization\'s existing security and compliance practices, define and measure security-related activities, and demonstrating concrete improvements to the application assurance program within the organization
• Plan and facilitate testing of our business continuity, incident response, and disaster recovery plans with appropriate business and technology stakeholders

Key requirements:

• 5+ years of experience in information security, GRC, BCP/DR, and/or risk management
• exposure in participation/implementing security compliance programs.
• Good understanding of security testing for web applications, mobile applications, and corporate systems
• Good experience of relevant control frameworks such as ISO, NIST, CIS etc.
• Ability to work both independently and collaboratively with peers, across virtual teams, and with management across different countries and cultures.
• Bachelor\'s degree in information technology

Company Benefits:

• Opportunity for career advancement and regional working exposure
• Training and development
• Hybrid working arrangement.

If you are excited about working with us, we encourage you to apply or have a confidential chat with one of our Talent Acquisition team members. Our goal is to make this a great place to work where all our people can thrive. We hope you join us on this exciting journey!Location:MY

Vistra