IT Security Officer - MARC

Menu

Employment Types

Full Time

Job Location

Malaysian Rating Corporation Berhad 19-07, Level 19, Q Sentral, 2A Jalan Stesen Sentral 2, Kuala Lumpur, 50470 Kuala Lumpur Sentral, Malaysia.

Date Posted

12 Apr 2023

Valid Through

12 Jun 2023

IT Security Officer

Description

We are a credit reporting agency and data-driven business information and business-decisioning solutions company. Our mission is to help businesses make informed and verified decisions to drive business growth by leveraging on data analysis. We are a fast-paced, growing start-up and are looking for a Data Architect who has experience with designing, building, and managing enterprise data and reporting platforms from scratch. You will have the opportunity to be part of a dynamic team and take ownership of the data architecture for our company. With a unique opportunity to shape our data infrastructure from the ground up, we need someone who is excited about the challenge of building something new and has a proven track record of success in similar roles.

Responsibilities

Lead and manage IT Security operations and its security technologies at MARC.

Develop and implement IT security procedures for MARC that includes a well-defined and documented plan of action to mitigate security incident occurrence.

Ensure information security strategies, plans, and action plans are implemented to meet the IT Group's requirements.

Establish and continuously gather IT security reporting metrics and prepare IT security reports.

Ensure IT risk and policies are operated within the IT security framework and comply with internal and external regulations and policy compliance.

Monitor the remediation status of all identified IT Security issues and ensure the timely escalation of the high-risk threat to Management.

Ensure remedial actions are attended to if there is anything that needs improving or quickly fixed.

Propose continuous improvement of IT security controls and processes to ensure the quality and relevance of information security practices are meeting the enterprise and technology risks.
Help implement security controls on IT systems maintained/managed by other teams/departments.

Perform compliance checks across enterprise information assets and regularly audit the policies and controls that are in place.

Ensure cyber security stays on the organisational radar.

Provide guidance to team members on security aspects of the IT systems and applications operated/managed by them.

Perform risk assessment on IT infrastructure including servers, applications, and network security devices on a periodic basis.

Manage and drive IT security IT-related projects.

Provide independent views to Management on third-party assessments, where necessary.

Qualifications

Candidate must possess at least a Bachelor’s/ Professional Certificate in computer science or any other related field of study or equivalent.

Preferably a minimum of 5 years of relevant working experience.

Must have Cybersecurity certifications in either CISSP / CCSP / CISA / SSCP / CISM / ISO27001 Lead Auditor, etc.

Strong understanding of information security & regulatory standards/ frameworks, e.g., ISO/IEC27001, COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, BNM RMiT, MAS TRM Guidelines, etc.

Familiarity and experience with security standards and regulatory frameworks (e.g., ISO/IEC 27001, ITIL, BNM RMiT, MAS TRM Guidelines, PCI-DSS, etc.

Good communication and presentation in English.

Familiarity with various operating systems

Ability to conduct penetration testing and vulnerability assessment is a plus