If you are looking to excel and make a difference, take a closer look at us...
Overview:
As a member of the Security Governance, your primary responsibility will be to ensure the security & resilience of the organization's digital assets & information systems. You will play a crucial role in defending against cyber threats and safeguarding our critical data/system.
Key Responsibilities:
- Establishing security measures around an organization's key assets
- Conduct intelligence / threat-based security assessments on critical systems / major applications / networks to identify security risks to brief systems owners of the potential impacts of those risks on their mission.
- Security Posture Assessment
- Identification and Validation of Security Flaws
- Firewall config / policies assessment.
- Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to continuously improve the organization's security posture.
- Collaborate with other teams to design and implement security solutions that align with the organization's overall security strategy.
- Prepare detailed reports and documentation related to cyber incidents, investigations, and security measures taken.
- Risk and Control Self-Assessment (RCSA)- for whole GITS department
- Each item needs to be assessed by weekly, monthly, quarterly, half yearly and yearly basis
- Reconstruct RCSA Template
- OSP Review - Ensign
- Required to be reviewed on a yearly basis
- SOP & Policy Review
- All related SOP and policy need to be reviewed on a yearly basis
- PWC Audit request
- CRMA BNM review
- BNM KRI Reports
Jobholder Requirements- A Diploma/Bachelor's degree in IT or Information/Cyber Security
Experience- Minimum 3 - 5 years working experience in Information/Network/Cyber Security with project experience
- Understanding of cybersecurity concepts, principles, and best practices
- Knowledge of network security protocols and systems
- Familiarity with firewalls, intrusion prevention systems, and other security tools
Good to have:- Specialized experience in Blue Teaming or experience working within a Security Operations Center performing a variety of the services listed above in the job responsibilities.
- Possess a broad knowledge of security methodologies, solutions and best practices
- Experience with multiple open source and commercial testing tools; a non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap
- Possess advanced understanding of the strengths and weaknesses of security tools with the ability to select the right tool for the job; ability to configure and troubleshoot tools if necessary
- Ability to analyze network traffic and identify potential threats
- Knowledge of malware analysis and remediation techniques
- Understanding of risk management and compliance requirements
- Good communication and problem-solving skills
- Attention to detail and the ability to work under pressure
About Hong Leong BankWe are a leading financial institution in Malaysia backed by a century of entrepreneurial heritage. Providing comprehensive financial services guided by a Digital-at-the-Core ethos has earned us industry recognition and accolades for our innovative approach in making banking simpler and more effortless for our customers. Our digital and physical offerings span across a vast nationwide network in Malaysia, strengthened with an expanding regional presence in Singapore, Hong Kong, Vietnam, Cambodia, and China.
We seek to strike a balance between diversity, inclusion and merit to achieve our mission of infusing diversity in thinking and skillsets into our organisation. Candidates are assessed based on merit and potential, in line with our mission to attract and recruit the best talent available. Expanding on our "Digital at the Core" ethos, we are progressively digitising the employee journey and experience to provide a strong foundation for our people to drive life-long learning, achieve their career aspirations and grow talent from within our organisation.
Realise your full potential at Hong Leong Bank by applying now.