Epicareer Might not Working Properly
Learn More

Manager, Security Practice and Awareness

  • Full Time, onsite
  • Bank Negara Malaysia
  • Wilayah Persekutuan Kuala Lumpur, Malaysia
Salary undisclosed

Apply on


Original
Simplified

ROLE PURPOSE

Plan, develop, manage, coordinate and monitor security awareness strategy and cyber security practice management to ensure cyber aware culture is effectively inculcated through people awareness and effective policies, standards and procedures and implementation of action plans.

PRINCIPAL ACCOUNTABILITIES

  • Responsible to plan, develop security training and awareness strategy and plan to meet yearly theme and focus in alignment Bank's needs and stakeholder expectations in order to instil cyber-aware cultural in the Bank in mitigating evolving threats affecting people as weakest link and vector to cyber attacks (including to employees of the Bank, 3rd party and vendors
  • Responsible to plan, strategise and management the development of security contents and contribute security awareness contents, tips and tricks in various bank’s communication platform and media in alignment with Bank’s overall communication guidelines and standards and also DTS digital engagement
  • Responsible to plan, manage, organise and administer security awareness and delivery platforms and security awareness communication channels, its budget and financial planning and also monitor the execution and launch and progress of security training and awareness session and launches
  • Responsible to plan, manage, organise, coordinate and execute ISMS (and/or other best practices) implementation and maintenance to ensure it is sustainable to meet certification requirement ISO27001 and NIST and aligned with other best practice standards. These include standards in emerging technologies such as cloud related standards or practices i.e. CSA, ICS standards IEC62443
  • Responsible to plan, manage, and coordinate the development, communication and enforcement cyber security policies, standards, guidelines, checklist and procedures with various subject matter experts in CSD and including collaborate with DTS-wide technology governance. May also require research on latest cyber security practices and improvement to mitigate ever changing cyber risks/threats
  • Responsible to review and prepare security awareness and cyber security practices related reports, risk score
  • Responsible to review and prepare security awareness and cyber security practices related reports, risk score profiling, performance metrics i.e. KPI, KRI, KCI for periodic reporting to management and identify action plans to improve gaps

QUALIFICATION / EXPERIENCE

  • Academic qualifications: Degree in Computer Science / Information Technology or its equivalent. Any related cybersecurity certifications like CISSP, CISM, CRISC, CISA, SSCP, GIAC, CCNA, and others, is an added advantage.
  • Knowledge in cybersecurity standards ISO27001, CSA and also industry control system (ICS) standards.
  • Knowledge in security awareness topics, approaches, delivery mechanism and communication skills.
  • Knoweledge in ITIL and SANS/NIST/COBIT/ISO security Controls
  • Experience: At least 7+ years working experience with strong knowledge of security practices and governance and also security awareness and training.
  • A Malaysian citizen.

ONLY SHORTLISTED CANDIDATES WILL BE NOTIFIED