Epicareer Might not Working Properly
Learn More

Information Security Manager

Salary undisclosed

Apply on

Availability Status

This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.


Original
Simplified

As the Information Security Officer (ISO), you will be responsible for leading the technology risk management function of Tranglo, ensuring that our information assets and technologies are adequately protected. You will play a pivotal role in formulating and implementing appropriate policies and frameworks to mitigate IT and cyber risks, while ensuring compliance with regulatory requirements, particularly those set forth by Bank Negara Malaysia (BNM).

Responsibilities:

  • Formulating Policies and Frameworks:
    • Develop and implement a robust Technology Risk Management Framework (TRMF) and Cyber Resilience Framework (CRF) tailored to the needs of the organization.
    • Ensure policies and frameworks are effectively communicated and enforced throughout the organization.
  • Compliance and Regulatory Oversight:
    • Enforce compliance with internal policies, frameworks, and regulatory requirements related to technology risk and security.
    • Ensure that risk assessments for material technology applications submitted to BNM are comprehensive and robust.
  • Advisory and Strategic Planning:
    • Provide expert advice and guidance to senior management on technology risk and security matters.
    • Oversee the formulation and effective implementation of the strategic technology plan and associated policies and procedures.
    • Provide timely updates to the board on key technology matters and seek approval for deviations from technology-related policies when necessary.
  • Infrastructure and Control Measures:
    • Implement cryptographic controls and other security measures to protect the confidentiality, integrity, authentication, authorization, and non-repudiation of information.
    • Safeguard the financial institution’s information infrastructure, systems, and data against unauthorized access.
    • Ensure that data loss prevention (DLP) measures are in place to prevent sensitive data breaches.
  • Business Continuity and Disaster Recovery:
    • Ensure business continuity in the delivery of financial services and internal operations.
    • Maintain concurrently maintainable recovery data centers and implement end-to-end backup storage and delivery management protocols.

Requirements:

  • Bachelor's degree in Computer Science, Information Technology, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM, CRISC) preferred.
  • Proven experience 10 years in a senior leadership role overseeing information security and technology risk management in the fintech or financial services industry.
  • In-depth knowledge of regulatory requirements, particularly in cyber and technology security.
  • Strong understanding of cryptographic controls, cloud security, access controls, and data loss prevention (DLP) technologies.
  • Excellent communication and interpersonal skills, with the ability to effectively advise senior management and collaborate with cross-functional teams.
  • Demonstrated ability to develop and implement robust technology risk management frameworks and policies.
  • Proven track record of managing and mitigating IT and cyber risks while ensuring business continuity and regulatory compliance.