Develop and enhance IT security governance processes aligned with organizational strategy and long-term objectives.
Enforce and provide proactive IT security consultancy and advisory services on policies, standards, and best practices across the organization.
Ensure security assessment exercises are conducted effectively and remediation actions are completed within defined timelines.
Review and evaluate change and firewall requests to ensure compliance with established security policies and standards.
Protect information system assets by identifying, analyzing, and resolving potential and actual security risks and vulnerabilities.
Job Requirements
Bachelor's degree in Computer Science or a related field, with specialization in Security, Networking, or Computer Systems.
Minimum of 8 years of experience in IT security within the financial services sector or a similar regulated environment.
Strong knowledge of information security practices, including compliance assessments, policy development, and frameworks such as ISO 27001 and PCI-DSS; experience within highly regulated industries is preferred.
Familiarity with regional regulatory requirements and guidelines (e.g., MAS, BI, BSP, BNM, PBOC, HKMA).
Solid understanding of network components, protocols, and security solutions, along with awareness of vulnerabilities across operating systems, databases, and enterprise applications, and how to mitigate them.
Excellent written and verbal communication skills in English, with the ability to convey security concepts clearly, contribute to policy documentation, and present ideas in a business-friendly manner.
Proven experience working with and managing multiple stakeholders.