Manager/executive, IT Security Governance - Singapore - Maybank

Maybank

Verified Company

Singapore

2 weeks ago

Posted by:

Wei Jie

beBee Recruiter

Description

JOB DETAILS
Job Type
Permanent
Position Level
Senior Executive
Qualification
Degree
Discipline
Computer Science
Specialization
Technology
Sector
Group Technology
Experience

8 years

Salary
Up to
SGD 9000

BHD

BND

CNY

GBP

HKD

IDR

INR

KHR

LAK

MMK

MUR

MYR

PHP

PKR

SAR

SGD

THB

USD

UZS

VND

Development, Maintenance, Monitoring and Decommission of IT Security Standards (hardening) and Procedures
Compliance Management
Outreach and Advisory

JOB RESPONSIBILITIES

Development, Maintenance, Monitoring and Decommission of IT Security Standards (hardening) and Procedures
Develop, maintain, monitor and decommission of IT security standards and procedures to all relevant stakeholders;
Work with system custodians/owners on the testing and implementation of the IT security standards and procedures;
Ensure IT Security standards and procedures remain uptodate and in compliance with IT Security Policy, laws and regulations, accreditation requirements and industry best practices;
Ensure key changes (to industry best practices, security benchmarks, hardening checklists, laws and regulations (e.g. MAS, BNM), cyber risks, IT landscape) are monitored and assessed if any impact to IT security standards and procedures;
Define and compile metrics and dashboards relevant to the development, maintenance, decommission and compliance with IT security standards and procedures.
Compliance Management
Evaluate and make recommendation(s) on IT Security standards, procedures and waivers raised by stakeholders;
Manage audits and assessments relating to compliance with IT security standards and procedures;
Evaluate risk profiles of all hardware and software used by the Bank and identify those that require intervention (e.g. develop new or revise existing security standard(s)) in order to raise the compliance levels and security of all hardware and software used by the Bank;
Lead and manage projects/initiatives related to the development, maintenance, testing, implementation, monitoring and decommission of IT security standards and procedures.
Outreach and Advisory
Communicate and cascade matters relating to IT security standards and procedures to relevant stakeholders;
Plan and manage engagement with stakeholders to enhance their understanding on IT Security standards and procedures, and obtain feedback for improvement;
Ensure timely and useful policy advice/ clarification are provided to stakeholders, evaluate and make recommendation(s) on IT Security standards, procedures and waivers raised by stakeholders;
Ensure necessary processes are put in place, and revised in a timely and agile manner in anticipation of changes to landscape and priorities in order to improve the bank's alignment to central policy priorities, to allow exceptions to be handled expeditiously and reasonably, and to remove or contain potential harm arising from noncompliance and breaches.

JOB SKILLS
1)IT-risk-management-framework
2)Cyber-threats-&-sercurity

JOB REQUIREMENTS

Experienced in writing and maintaining IT security/hardening policies, procedures, and controls in one or more standards/frameworks;
Knowledge of Tripwire, Nessus, computer networking concepts and protocols and network security methodologies;
Knowledge of risk management processes;
Knowledge of cyber threats and vulnerabilities;
Experienced in Risk Management in both a compliance and security context;
Ability to work in a fastpaced environment and the skills to deal with ambiguity;
Ability to handle multiple competing priorities;