Manager – Information Security - Kuala Lumpur, Malaysia - MVC Resources

    MVC Resources
    MVC Resources Kuala Lumpur, Malaysia

    1 week ago

    MVC Resources background
    Description
    Working Arrangement: Hybrid

    The company seeks bright and talented individuals with strong Information Security and IT backgrounds and a desire to provide security consulting services for clients in various industries. You will provide consulting services focused on information and cyber security. Team members are provided with the opportunity to interact with senior management as well as the opportunity to enhance their skills in the areas of security knowledge, technical competency, business development, client service and people development.

    Key Responsibilities
    • Lead and implement information / IT security engagements for clients.
    • Provide expert advice, guidance and support on information security. This could be on technical on process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management).
    • Provide experience and advice in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum.
    • Identify, translate and capture business requirements and best practices for Information Security into technically feasible and user-friendly deliverables and communicate to clients and their information security staff or regulators to achieve strategic alignment from internal and external stakeholders.
    • Conduct training on information security solutions when required.
    • Gain understanding of key customer and market issues, build opportunities, create proposals and make presentations to clients as required.
    • Lead and manage teams, prioritize responsibilities and tasks in order to deliver quality and timely results and coach & motivate employees.
    Main Working Relationships:
    • This position requires working closely with internal staff from across the affiliated entities and lines of service.
    • Key relationships will be with the CTO, Directors, Senior Managers and other team members within the company.
    Performance measures & targets
    • Delivery and Revenue targets.
    • Quality of Deliverables.
    • Quality of leadership.
    • Quality of feedback from clients and sell-on opportunities.
    • Full adherence to internal firm policies.
    • Documentation on knowledge repository kept up-to-date.


    Requirements

    Skills/Knowledge/Qualifications:
    • Degree in any discipline and/or MBA from a recognized institution; IT Degree preferred.
    • Must have at least two of the following security certifications CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, ISO 27001 Lead Auditor, etc.
    • Any additional security certifications Related certifications are a plus e.g. CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc.
    • Good overall understanding of the information security roles and activities.
    • Strong understanding of information security & regulatory standards/ frameworks; e.g. ISO/IEC27001, COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, BNM RMiT, MAS TRM Guidelines, etc.
    • Good technical knowledge in at least five of the following areas:
    • Data Security, Privacy, Classification and Data Loss Protection.
    • IT Disaster Recovery Planning and Business Continuity Management.
    • Network security architecture, management and controls including firewall, routers, IPS etc.
    • Threat Intelligence & Advanced Persistent Threats (APT).
    • Security Strategy and Roadmaps.
    • Security Policy, Standard and Framework.
    • Information Security Management Systems.
    • Log Management and SIEM.
    • Identity and access management solutions and implementation.
    • Cloud security.
    • Governance, Risk and Compliance (GRC).
    • Good project management skills.
    Experience:
    • Minimum 8 years of working experience in Information Security or IT security and IT systems and / or industry knowledge. Working experience in big 4 companies or multinationals is preferred.
    • Experience in leading a team and in project management.
    • Familiarity and experience with security standards and regulatory frameworks (e.g. ISO/IEC 27001, ITIL, BNM RMiT, MAS TRM Guidelines, PCI-DSS, etc.)
    • Proven track record of delivering security projects on ISMS / BCP / IT DR / DLP / GRC / IAM.
    • Proven experience in a particular industry such as financial services, telecom, government etc.
    Personal Competencies & Qualities:
    • Strong problem solving ability.
    • Ability to learn on the fly.
    • Good written and verbal communication skills.
    • Good interpersonal skills.
    • Strong customer focus and client service.
    • Ability to work with a team.
    • Ability to develop self and others.
    • Good business acumen