Job Listing

Back
Company

Anonymous

Industry

Building Materials

Location

Selangor

Company Description
Our Client is a leading manufacturer and supplier of gypsum-based wall and ceiling lining systems, mineral fibre acoustical ceiling systems, metal framing, joint compounds, high-performance panels and accessories throughout Asia, Australasia and the Middle East. Within this region, Our Client operates in 12 markets, 24 manufacturing plants, 3 gypsum mines, with 3200 employees and trusted for use in homes, offices, retail spaces and some of the world’s most iconic buildings.

Senior Manager, GDP & IT Security

Anonymous

Salary Budget: Please log into your account to check the details.
Job Type: Permanent
Location: Selangor
Special Requirements:

Rewards

Referral
CV Offer: USD420
Contact Offer: USD210
Placement
CV Offer: USD1400
Contact Offer: USD420
Posting Date: 06-28-2019
Expiry Date: 12-31-2019

JOB DESCRIPTION

Overview of the role

Senior Manager, Group Data Protection & IT Security

Implement and maintain an effective enterprise-wide corporate information security program designed to ensure the protection and privacy of information assets to include data, software and equipment. Primary areas of accountability include the following:

  • Oversee the tactical implementation of corporate-wide security principles, policies and practices related to but not limited to data loss prevention (DLP), data classification tool (DCT), enterprise digital rights management (EDRM);
  • Maintain responsibility and ownership for the implementation and maintenance of the security programs;
  • Ensure adherence to developed policies and standards or complete appropriate exception documentation through assessments and monitoring;
  • Provide the necessary subject matter expertise and coordinate efforts on a corporate level to identify key security risks, needs, and initiatives.
  • Work with consultants as needed, on independent security reviews, technology selection/deployment, and policies/standards/procedures development.

Key Role & Responsibilities

  • The following is a summary of the essential job functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
  • Privacy/Protection: Provide the necessary subject matter expertise and ensure the implementation of the DLP, DCT and EDRM architecture, risk management standards, best practices and systems/processes to ensure information privacy/protection.
  • Risk Management: Interact with management to determine acceptable levels of risks as the business model and risk profile changes and align the security program accordingly.
  • Monitoring of security procedures and practices: Review on a timely basis the various analyses of the reports and logs available. Review the recommendations for noted irregularities.
  • Security policies for the organisation: Be aware of and review the security features of new information security practices, systems and business services to ensure that they meet the security requirements of the existing policies. Review and propose changes to existing policies as external emerging issues and conditions warrant.
  • Ensure adequate security for new business services and systems: Assist in the development of scenarios of usage, test for abnormalities or exposures. Prepare documentation to augment vendor materials that include local enhancements and implementations.
  • Regulatory/Legal/Corporate Compliance: Stay abreast of all information security related laws and regulations to ensure compliance with them. Ensure compliance with corporate policies.
  • Support or direct enterprise level information security related functions such as: Firewall Administration, Intrusion Detection, Communications, Incident Response, RACF, Encryption, Access Control, Threat Management, Data Loss Prevention, Cyber Forensics, and other security-related functions as required. Make recommendations for improvements to the program, respond to alleged policy violations and act as a participant in event of a breach. Ensure communications to the IT Director, and other senior-level officers, are accurate and timely.
  • Plans and develop departmental budgets in accordance with established guidelines; administer compliance to meet budgetary goals and negotiates changes as required.
  • Maintain awareness of changes in the industry: Attend classes and seminars as required to maintain a high level of proficiency in the fields of information security and business resumption. Network with other information security professionals. Read about and be aware of the trends regarding BRP and Security in the industry.

Skills & Experience Required for this role

The requirements listed below are representative of the knowledge skill and or ability required.

  • Bachelor's degree in computer science, business, or related discipline, or equivalent education and related training
  • Relevant Information Security Certifications preferred (CISSP, CISM, GIAC, etc.)
  • Seven years of experience in IT, of which at least three years was in the information security field in a leadership/supervisory position
  • Demonstrated SME level knowledge in the Data Loss Prevention and EDRM security discipline
  • Strong oral and written communications skills
  • Highly adaptable to a constantly changing business and technology environment
  • Advanced knowledge of the use and management of DLP and EDRM technologies
  • Experience in the management of data loss/theft events and corresponding data privacy legislation (GLBA, HIPAA, PCI, etc.)

SHARE THIS JOB

Apply / Refer

New to Talentsbay?

Sign up now to apply or refer.