Job Categories: Technology and Security
Job Type: Full Time
Job Location: Bangsar
Our Head of IT Security & Infrastructure will be the process owner of all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the Company’s information security policies. A key element of the Head of IT Security & Infrastructure’s role is working with KLDX’s management to determine acceptable levels of risk for the Company.
This position is responsible for establishing and maintaining a company-wide information security management program to ensure that all information assets are adequately protected. In addition, the Head of IT Security & Infrastructure is responsible for the Company’s resilience against cyber-attacks.
Head of IT Security & Infrastructure reports to the CTO.
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program;
- Develop, implement and continually improve the enterprise information security management framework and related systems;
- Work directly with all business units to facilitate risk assessment and risk management processes;
- Understand and interact with related disciplines through task forces to ensure the consistent application of policies and standards across all technology projects, systems, and services;
- Provide leadership to the Company’s information security organization;
- Partner with business stakeholders across the company to raise awareness of risk management concerns;
- Assist with the overall business technology planning, providing current knowledge and future vision of technology and systems;
- Planning and execution of periodic security education of staff;
- Responsible for the DRP (Disaster Recovery Plan); and
- Regulatory liaison for security issues and related areas.
- Conversant with security standards such as ISO 27001/2, NIST, etc;
- Conversant with DRP standards such as ISO 27031 and ISO 22301;
- Policy development and administration skills;
- Communication and presentation skills;
- Knowledge of industry regulation and standards compliance;
- Strategic management and planning skills;
- Supervisory and incident management skills; and
- Excellent collaboration skills.
Experience and Qualifications
- Experience in financial services (banking and/or capital markets) is preferable;
- Minimum of 8 to 12 years of experience in a combination of Information Security, Risk Management, and Compliance Management roles;
- Excellent written and verbal communication skills and a high level of personal integrity;
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams;
- Experience with contract and vendor negotiations and management including managed services;
- Specific experience in Agile-scaled software development or other best-in-class development practices;
- Experience with Cloud Computing across virtualized and containerized environments;
- Degree or masters’ in computer science or equivalent; and
- Professional security management certifications.