Act as the Lead of IT Security, supporting business, technology, and security operational requirements, with a primary focus on network security and security risk management, including compliance with BNM RMiT, PayNet Cyber Resilience Guidelines, and other internal and external security regulatory requirements.
Plan, implement, update, and maintain security measures, defensive controls, and countermeasures to prevent and mitigate internal and external threats to computer systems.
Safeguard the Bank's computers, networks, software, hardware, and data against malware, cyber-attacks, and other security threats, whether on-premises or in remote environments.
Oversee the design, development, and enforcement of IT infrastructure security standards and information security processes.
Ensure the protection of data and information assets by strengthening the resilience of IT systems and network devices against all forms of cyber threats.
Manage and oversee security operations activities, including:
Penetration Testing
Vulnerability Assessment and Scanning
Patch and Vulnerability Management
Privileged Access Management (PAM)
Security Event Monitoring (SIEM)
Data Loss Prevention (DLP)
Assess the effectiveness of technical security controls and identify areas for continuous improvement.
Serve as the technical security lead for large and complex cross-functional projects, providing subject matter expertise and governance oversight.
Review, enhance, and enforce IT security policies and procedures governing corporate security, email and internet usage, access control, and incident response to ensure compliance with BNM, PayNet, and other regulatory requirements.
Participate in internal and external audits, articulating security controls and addressing audit findings or concerns effectively.
Collaborate closely with System, Network, and Application teams to remediate non-compliance issues identified through periodic IT security reviews, audits, and control assessments.
Promote IT security awareness locally through communications, awareness campaigns, posters, and onboarding sessions for new joiners.
Perform any other duties as assigned by the Head of Division.
Job Requirements:
Minimum 12 years of working experience in IT Infrastructure, IT Security, and Applications support, preferably within the banking or financial services industry.
Proven experience in system maintenance and support within a banking environment.
Strong knowledge of relevant regulatory requirements applicable to financial institutions.
Well-versed in IT governance, IT security, IT controls, IT project management, and application management.
Preferably certified in, or with working knowledge of, ITIL processes, particularly Incident, Problem, and Change Management.
Strong analytical and problem-solving skills, with a process- and solution-oriented mindset.
Demonstrated teamwork, integrity, self-motivation, positive attitude, and proactive initiative in addressing challenges.
Ability to work independently with minimal supervision and guidance.
Excellent communication skills, including strong oral, written, and presentation abilities.