IT Security Manager (Banking)

An ideal candidate with PRINCE2 Practitioner or PMP certified will oversee the organization's data protection strategies and compliance programs, focus on ensuring the protection of sensitive robust data loss prevention policies, have a strong domain knowledge in governance frameworks, data protection laws, and compliance management.

Responsibilities:

• Will be responsible for building and leading team specialized in Security and Data Governance, as well as cryptography, and Authentication.
• Will lead the implementation of Data Loss Prevention (DLP) and data protection strategies.
• Ensure with internal and external audits, adherence to policies across all departments with the latest legal and regulatory standards are followed.
• Malaysian regulatory as well as industry standards such as PCI-DSS and Data Protection Acts.
• Lead initiatives in Identity and Access Management (IAM), focusing on process design, technology acquisition.
• Ensure that the organization follows established procedures for data protection internal and external audits, and remediation.
• Stay updated with industry trends and regulatory changes.

Requirements:

• Extensive experience in Cyber Security Frameworks, Authentication, Data Loss Prevention and Data Protection standards.
• Bachelor Degree in Cybersecurity, Information Security, or related field.
• Proven leadership in managing teams in governance and compliance functions, with an in-depth understanding of the regulatory landscape.
• Strong experience in compliance risk management and implementation of governance frameworks.
• Strong leadership skills, with the ability to manage cross-functional teams focused on compliance and data protection, excellent communication and stakeholder management skills
• Minimum 15 years working experience in Cybersecurity or IT Security project management /or risk and compliance roles within the banking or financial domain.
• Strong understanding of banking regulations, cyber security frameworks, and IT governance (e.g. NIST, COBIT, ISO 27001, FFIEC).
• Certifications such as CISA, CISSP, CISM, or other governance and compliance- related certifications,