The role will require in-depth understanding of information security, technology architecture and business security. Successful candidates will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex challenges and communicating to all levels of the business.

Business continuity management by fully implement and testing the disaster recovery process & business continuity plan.

RESPONSIBILITIES/DUTIES

SUPERVISION

• Supervise information security policy exceptions & change management requests assessments.

• Develop a culture of in-depth understanding as to why security testing is required at both business and internal team level and external with technology partners and client.

• Analysis of information protection technologies and processes to identify technology security weaknesses.

• Lead ongoing assessments of data processing systems to confirm the design of logical controls are effective and meet regulatory and legal requirements; and Provide quality reports to summarize test activities, including objectives, planning, methodology, results, analysis, and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.

• Take the ownership and ensure Governance, Policy and Procedures in relation to Management of Information.

OPERATIONS

• Provide information protection reports to summarize test activities, including objectives, planning, methodology, results, analysis, and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.

• Coordinate with Infrastructure and business systems Teams to implement identified controls, policies, and procedures.

CONTINUOUS IMPROVEMENT

• To lead the identification of opportunities for continuous improvement of systems, processes and practices considering ‘National / international best practice’, improvement of business processes, cost reduction and productivity improvement

• Meetings or workshops or participating in professional organizations or conferences.

REPORTING

• To prepare reports timely and accurately to meet department requirements, policies, and standards

HEALTH, SAFETY & ENVIRONMENT

• To monitor the adherence to all relevant safety and environmental management procedures and controls to guarantee employee safety, legislative compliance, delivery of high-quality products/service and a responsible environmental attitude

RELATED ASSIGNMENTS

• To perform other related duties or assignments as directed

• To participate in any enhancement project to ensure company infrastructure reliability

QUALIFICATIONS:

• Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies.

• Information security principles and best practice (e.g., ISO27001)

• Excellent interpersonal skills with the ability to build and influence teams; and self-motivated

KNOWLEDGE:

• Strong technical abilities, combined with business acumen.

• Ability to present security topics to a non-technical audience and presenting the business value of

• security.

• A good understanding of IT networking and access management concepts.

• Ability to understand and assess technology systems and applications from both a technical and business function perspective.

• Ability to communicate business and technical risk to all levels of audience.

EXPERIENCE:

• Strong engineering academics.

• Preferred industry qualifications - CISSP / CISA / CISM

• Project management professional is plus.