INFORMATION SECURITY MANAGEMENT SYSTEM EXECUTIVE
Apply on
Company Description
Airfoils Services Sdn Bhd is a center of excellence specializing in aftermarket repair services for High Pressure Compressor (HPC) Blades & Vanes and Low Pressure Turbine (LPT) Blades. The company, jointly owned by MTU Aero Engines AG and Lufthansa Technik AG, provides state-of-the-art and cost-efficient repairs with market benchmark turnaround times and quality. The portfolio includes repair services for all major civil aircraft engine types.
Role Description
This is a full-time on-site role for an Information Security Management System Executive at Airfoils Services Sdn Bhd located in Selangor, Malaysia.
Qualifications
· Bachelor Degree in Information Technology, Cybersecurity or a related field
· Minimum 3 years of working experience in similar capacity, Information Technology and Cybersecurity
· Working experience in aviation maintenance industry is an added advantage
· Relevant certifications e.g.ISO 27001 Lead Implementer, CISSP, CISM or its equivalent
· Experience in implementing ISMS and security frameworks
· Able to work in a fast-paced and dynamic environment
Responsibilities
- Design and implement an ISMS framework in accordance with recognized standards, e.g. ISO 27001
- Establish security policies, procedures and guidelines, ensuring integration with aviation safety requirements, such as EASA Part-IS
- Conduct risk assessments to identify vulnerabilities and implement control measures
- Maintain ISMS documentation to ensure compliance with regulatory standards
- Develop and deliver security awareness training programs for employees
- Ensure compliance with relevant laws, regulations, and standards, and prepare for audits
- Manage incident response plans, investigate security incidents, and recommend improvements.
- Monitor the effectiveness of security controls and report on ISMS performance using metrics and KPIs
- Collaborate with IT and other departments to integrate ISMS practices and promote security initiatives
- Continuously enhance the ISMS by staying updated on industry trends and best practices
- Ensure third-party vendors comply with ISMS requirements and manage vendor relationships
- Develop, test, and maintain business continuity and disaster recovery plans
- Evaluate and implement security technologies, ensuring secure system configurations