Job Listing
Company
Anonymous
Industry
Telecommunications
Location
Kuala Lumpur
Company Description
Our Client is one of the fastest growing full-fledged mobile operators in Malaysia that offers data, voice and messaging services to its customers via innovative prepaid, postpaid and broadband plansAssistant General Manager, IT Policy & Cyber Security
Anonymous
| Salary Budget: | Please log into your account to check the details. |
|---|---|
| Job Type: | Permanent |
| Location: | Kuala Lumpur |
| Special Requirements: |
Rewards
| Posting Date: | 11-19-2018 |
|---|---|
| Expiry Date: | 03-31-2019 |
JOB DESCRIPTION
Key Accountabilities
Team Management
· KPI (Key Performance Index) setting for direct reports, monitor and review periodically to ensure that the KPIs are met
· Overseeing the management of the IT security department, giving leadership to the team and developing staff
Budget
· Manage Capital Expenditure (CAPEX) and Operational Expenditure (OPEX) budget
IT Security
· Responsible for developing and implementing the Company's Cyber Security plan.
· Devising strategies and implementing IT solutions to minimize the risk of cyber-attacks
· Responsible for planning and monitoring of all activities related to IT security in the Company. The scope of work includes establishing of IT security policies, audit on the effectiveness of security measures implemented, ensuring users are in compliance of security policy, as well as refreshment and upgrade of IT security policy and systems from time to time
· Promotion of Cyber Security awareness
· Ensure that all remediation is implemented on risk determined by pen testing or annual audits.
· Constantly monitoring for attacks and intrusions
· Managing the daily operation and implementation of the IT security strategy
· Conducting a continuous assessment of current IT security practices and systems and identifying areas for improvement
· Delivering new security technology approaches and implementing next-generation solutions
· Driving change projects and building new security capabilities
· Developing and implementing business continuity plans to ensure service is continuous when a change programme is introduced or a security breach occurs or in the event that the disaster recovery plan needs to be triggered
· Protecting the intellectual property of the organization at all times
· Reporting to the Audit committee and being an active member of the senior management team
· Being an active member of the senior management team
IT Risk And Policy Management
· Responsible for management of all activities related to IT risks (beyond security, includes Business Continuity Plans).
· Work with the Enterprise Risk Management Department to ensure all works within IT Risk management are in–line with the direction and KPIs established at the enterprise level.
· Running security audits and risk assessments
· Documenting and “educating” of IT policy established to ensure the Company’s staff are aware and in compliance with IT policies
· Ensuring compliance and governance is met
· Ensure the internal audit plan identifies and tests areas that require focus and improvement.
Partners And Vendors Management
· Managing and monitoring of KPIs to ensure all IT partners’ deliveries are done according to contract specifications as well as T&C
Stakeholders Management
· Manage collaboration and relationship between different departments in delivering solutions to meet customers’ business needs
· Effectively communicate project expectations to team members and stakeholders in a timely and clear fashion.
· MCMC for all security-related policies and implementations
· Represent the Company at the industry Cybersecurity forums
· Auditors for the annual audits from E&Y and MCMC.
· Internal Audit for all investigations and annual audits
· Architecture and application development teams
· Reporting to the Audit Committee
Timely Reporting and Analysis
· Periodic reporting of project status and escalation of issues as and when required
· Conduct project post-mortems to identify successful project elements and improvement areas
· Quarterly reporting on security posture and incidents for the Audit Committee
· Responsible for reporting all Cyber Security related incidents
Key Experiences and Qualifications
· Degree in IT and minimum 18 years of working in IT technical field
· Digital leadership skills – capable of empowering and leading an IT team to meet business and IT security goals
· Ability to adapt to a fast-moving IT landscape and keep pace with the latest thinking and new security technologies
· A passion for technology and security safeguarding with a desire to deliver
· Thrives on change, showing an impressive ability to drive the IT security strategy forward
· Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
· Strong customer focus - being able to meet the demands of internal and external customers
· Excellent communication skills – providing verbal and written communication that is outstanding to both direct reports and senior management as well as other stakeholders
· Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
· Forms business partnerships that help drive the IT security strategy forward
· Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve
· Multi-tasking – can manage several concurrent projects and prioritize demands
· Vendor Management- able to manage vendors and hold them to their contractual deliverables
· Managing departmental budget CAPEX and OPEX
· Presentation and communication skill
· Experience in Billing, CRM and other Telco Operations Systems
· Knowledge in Financial Services Regulations