Mission
The role will require in-depth understanding of information security, technology architecture and business security. Successful candidates will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex challenges and communicating to all levels of the business.
Business continuity management by fully implement and testing the disaster recovery process & business continuity plan.
Profile
RESPONSIBILITIES/DUTIES
SUPERVISION
• Supervise information security policy exceptions & change management requests assessments.
• Develop a culture of in-depth understanding as to why security testing is required at both business and internal team level and external with technology partners and client.
• Analysis of information protection technologies and processes to identify technology security weaknesses.
• Lead ongoing assessments of data processing systems to confirm the design of logical controls are effective and meet regulatory and legal requirements; and Provide quality reports to summarize test activities, including objectives, planning, methodology, results, analysis, and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.
• Take the ownership and ensure Governance, Policy and Procedures in relation to Management of Information.
OPERATIONS
• Provide information protection reports to summarize test activities, including objectives, planning, methodology, results, analysis, and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.
• Coordinate with Infrastructure and business systems Teams to implement identified controls, policies, and procedures.
CONTINUOUS IMPROVEMENT
• To lead the identification of opportunities for continuous improvement of systems, processes and practices considering ‘National / international best practice’, improvement of business processes, cost reduction and productivity improvement
• Meetings or workshops or participating in professional organizations or conferences.
REPORTING
• To prepare reports timely and accurately to meet department requirements, policies, and standards
HEALTH, SAFETY & ENVIRONMENT
• To monitor the adherence to all relevant safety and environmental management procedures and controls to guarantee employee safety, legislative compliance, delivery of high-quality products/service and a responsible environmental attitude
RELATED ASSIGNMENTS
• To perform other related duties or assignments as directed
• To participate in any enhancement project to ensure company infrastructure reliability
QUALIFICATIONS:
• Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies.
• Information security principles and best practice (e.g., ISO27001)
• Excellent interpersonal skills with the ability to build and influence teams; and self-motivated
KNOWLEDGE:
• Strong technical abilities, combined with business acumen.
• Ability to present security topics to a non-technical audience and presenting the business value of
• security.
• A good understanding of IT networking and access management concepts.
• Ability to understand and assess technology systems and applications from both a technical and business function perspective.
• Ability to communicate business and technical risk to all levels of audience.
EXPERIENCE:
• Strong engineering academics.
• Preferred industry qualifications - CISSP / CISA / CISM
• Project management professional is plus.