Search by job, company or skills

Bank Negara Malaysia

Manager, Data Protection (SPSU), Cyber Security

Save
  • Posted 3 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Job Description

To drive and coordinate the execution of the technical new data protection tasks as well as oversee the existing tasks carried out by the operational team.

Responsibilities

  • Data Protection Strategy Implementation: Implement and continuously improve the data protection strategy, including new projects and initiatives. This particularly involves defining requirements for data protection technology upliftment to address ongoing changes in the threat landscape, as well as external and internal factors such as the new PDPA, upcoming data sharing laws, and regulations.
  • Risk Analysis and Mitigation: Periodically review and analyse business process/data flow diagrams, data lineage and outcome of automated data discoveries to continuously identify risk profiles, threats, blind spots, and controls to mitigate these identified risks.
  • Business Rules Management: Manage business rules and exception requests from data owners for data protection tools. Conduct periodic health checks of these tools to identify unnoticed system issues and explore ways to stay clean.
  • Event Analysis: Analyse events, identify trends, and detect correlations from data protection tools across Data at Rest, Data in Motion, and Data in Use. Develop action plans based on insights gained from the analysis to strengthen data protection measures.
  • Stakeholder Collaboration: Collaborate with stakeholders across the Bank, including data owners and the DPO, to review and enhance the DPP Methodology. This includes updating policies, standards, procedures, and the operating model for continuous improvement, and acting as a point of contact for data protection-related matters ensuring alignment and communication across all relevant parties.
  • Responding to data security protection requirement and enablement arising from new data privacy, data protection and data sharing law and regulations.
  • Mapping of compliance requirement of related data protection laws with current technical controls, assess effectiveness and identify new initiatives to close any gaps encountered.

Nature of Accountabilities and Competencies

Job Complexity & Problem Solving

  • Data Protection Technical Knowledge: Technical knowledge and expertise in data protection tools, technologies, and capabilities that are available and relevant to the Bank to effectively mitigate data protection risks and threats such as data lost preventions, database encryption, anonymisation, tokenisation etc.
  • Maintaining and Enforcing Policies and Standards: Ability to update, and enforce data protection methodology, policies and standards with the technical knowledge of data protection and information security.
  • Risk and Controls Assessment: Ability to perform comprehensive risk assessments impacting data protection, prioritise risks based on potential impact, and identify appropriate data protection controls. This includes reviewing and analysing data flow diagrams to understand risk profiles, assess threats, and determine effective data protection controls to mitigate those risks.

Leadership & Stakeholder Management

Collaborate with executive stakeholders across the Bank to communicate the data protection element DPP Methodology including key details such as program mission, vision, objectives, roadmap of the activities, structure and roles required for the ownership, oversight, management and operations.

Qualifications

Academic Qualifications: Degree in Computer Science / Data Science or its equivalent. Must possessed professional certification related to data protection or information security like CISM, CRISC, ISO/IEC 27001 and ISO/IEC 27701 Lead Implementer, CISSP, CISA or CIPT, is an added advantage.

Experience and Skills: At least 5+ years in IT and Data Analytics.

Only shortlisted candidate will be notified

More Info

Job Type:
Industry:
Employment Type:

Job ID: 151121037

Similar Jobs

Malaysia, Kuala Lumpur

Skills:

Presentation SkillsRisk AssessmentPolicy DraftingAnti-Bribery and Corruption legislationDue DiligenceReport Writing

Malaysia, Kuala Lumpur

Skills:

integrating technology in Governance Risk and Compliance frameworkconducting compliance benchmarkingpolicy formulation and analysisRisk Assessmentregulatory surveyscompliance work

Kuala Lumpur

Skills:

"Reporting & Analytics"TrainerCall CentreMandarinCantoneseManagement Skill"Contact Center Operations""BPO Operations""Team Management""People Leadership""Operations Management""Voice Support""Chat Support""Email Support""Customer Service""Service Delivery""Service Level Management""SLA Management""KPI Management""Queue Management""Real-Time Management""Workforce Management""WFM""Roster Management""Intraday Management""Schedule Adherence""Occupancy Management""Shrinkage Management""AHT""Average Handle Time""FCR""First Contact Resolution""CSAT""Customer Satisfaction""NPS""Quality Management""Abandonment Rate""Contact Center Metrics""Performance Management""Coaching""Mentoring""Team Development""Performance Appraisal""Escalation Management""Incident Management""Root Cause Analysis""RCA""CAPA""Kaizen""Continuous Improvement""Process Improvement""SOP Development""Operational Governance""Stakeholder Management""Client Management""MIS Reporting""Data Analysis""CRM""Telephony Systems""Workforce Planning""Conflict Resolution""Hiring Management""Attrition Management""Absenteeism Management""Information Security""Data Privacy""Audit Compliance""Risk Management""Microsoft Office""Google Workspace""Leadership""Operational Excellence""Customer Experience Management""24/7 Operations Management"

Malaysia, Kuala Lumpur

Skills:

Statistical Analysisstochastic calculusCapital management allocation conceptsRegulatory Risk Based Capital RegimeFinancial insurance actuarial risk assessmentActuarial practiceSCR calculationTime series modellingRisk management

Malaysia, Kuala Lumpur

Skills:

business impact analysis business continuity management Information SecurityIncident ManagementInformation TechnologyOperational resilienceBCM exercisesRisk frameworks and policiesRisk appetite and tolerance statementRisk managementRisk Analysis