Job Description

We are Malaysia\'s leading Credit Reporting Agency (CRA) and we are aggressively expanding our business, and looking for dynamic, driven and motivated individuals to join our team. Our Direct-To-Consumer segment (D2C), is one of our fastest growing product areas in the market, with an abundance of expansion plans and innovative ideas on hand.This role will support the Manager in creating and maintaining robust cyber recovery frameworks and overseeing third-party (e.g., vendors and partners) security measures. This role involves close collaboration with cross-functional teams to ensure effective incident response, continuous monitoring, and compliance with industry standards.Assist in Framework Development:

• Support the creation and maintenance of comprehensive frameworks for cyber recovery and third-party security, including drafting policies, procedures, and guidelines.
• Help ensure these frameworks are up-to-date and effective.

Cyber Recovery Support:

• Assist in overseeing the cyber recovery process, including timely response and recovery from security incidents.
• Support the implementation of effective backup and disaster recovery strategies.

Third-Party Security Monitoring:

• Help monitor and assess the security posture of third-party vendors and partners.
• Assist in evaluating the connections between third-party vendors and the organization to ensure security.

Cross-Functional Coordination:

• Collaborate with cross-functional teams to facilitate effective communication and decision-making during cyber recovery and third-party security assessments.
• Support coordination efforts to ensure seamless integration of security measures.

Training and Awareness:

• Assist in developing and coordinating training programs to educate employees on cyber recovery and third-party security best practices.
• Help maintain training materials and documentation.

Regular Cyber Simulations:

• Support the planning and coordination of regular incident response and recovery simulations, such as tabletop exercises and cyber drills.
• Help ensure the organization is prepared for various cyber incidents and effective recovery.

Assessment and Compliance:

• Assist in developing and implementing risk-based security assessment plans to evaluate the effectiveness of third-party controls.
• Help ensure compliance with relevant regulations and standards.

Stakeholder Collaboration:

• Work with internal and external stakeholders to share best practices, threat intelligence, and lessons learned.
• Support fostering a culture of continuous improvement in cyber security practices.

Documentation and Reporting:

• Create and maintain detailed documentation related to cyber recovery and third-party security efforts.
• Assist in preparation of updates to senior management and relevant committees.

• Bachelor\'s degree in Cyber Security, Information Technology, Computer Science or a related field.
• 2-4 years of experience in cyber security, IT risk management, or a related field.
• Experience with cyber incident response and recovery simulations is a plus.
• Relevant certification (e.g., CISA, CRISC, CompTIA) is a plus.
• Knowledge of cyber recovery processes (ransomware protection, immutable backup, air-gapped backup).
• Knowledge of third-party security practices and cyber supply chain risks.
• Knowledge and awareness of ISO 27001 is a plus.

Employment Type: PermanentMin. Education: DegreeSpoken Language: Malay, EnglishWritten Language: Malay, English

CTOS