- Participate in key strategic initiatives to transform the way we work, enhancing security
- processes and comply to policies, driving an increased maturity and effectiveness of
- security across organization.
- Roll out education program for security awareness across organization, including tracking
- of overall effectiveness and targeted training follow-ups to enhance learning success
- Lead the pro-active engagement and communication with the regulator on security
- questions, including gap analysis and tracking and managing all identified issues to closure
- Assist to drive security architecture and secure design
- Conduct IT security risk assessment for applications and IT infrastructure projects, against
- organization IT security policy & standards, and regulatory requirements.
- Ascertain appropriate security control measures are incorporated into the application
- systems to mitigate identified risk exposures.
- Conduct IT security risk review on proposed conceptual solutions based on business
- initiatives or new technology adoption
- Conduct ad-hoc and annual Information Security due diligent assessment for key
- outsourcing service providers.
- Ensure all assessments conducted are properly documented and with endorsement from
- organization security working committee.
- A Bachelor's Degree in Computer Science, Engineering, Information Systems or related discipline.
- Minimum 8 years of working experience with at least 5 years' experience in hands-on security governance, technical security risk assessment and IS due diligent assessment, in financial industry
- Broad understanding of the key aspects of IT which includes strategic planning, application implementation & support, IT Infrastructure, Vendor & Contract Management, Cyber Security, IT audit, IT governance, Risk management and business continuity planning.
- Familiar with security standards and best practice; regulatory requirement such as BNM RMiT, MAS TRM, PCI-DSS and etc.
- Industry certifications will be a plus e.g. ITIL, PMP, CRISC, CISSP, CEH, CISM and CISA.
- Highly result oriented and can work independently while handling multiple concurrent assignments.
- Ability to build relationship and interact effectively with internal and external parties.
- Strong engagement skills with stakeholders i.e. business and technology will be a plus.
- Strong analytical and critical thinking skills, able to conceptualize and frame problem statements and prioritise issues to enable a clear and effective path to resolution
- Good communication, writing and presentation skills.
- Ability to lead change, and to adapt quickly to changing priorities
- Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards
VP2, Information Security Governance and Risk Advisory - Kuala Lumpur, Malaysia - United Overseas Bank
Description
VP2, Information Security Governance and Risk Advisory
Posting Date: 24-May-2023 Location:Kuala Lumpur, Wilayah Persekutuan, MY
Company: United Overseas Bank (Malaysia) BhdAbout UOB
United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.
Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.
Job Responsibilities
Governance
Risk Assessment
Job Requirements