Technology Information Security Office (TISO) - Team Lead

  • Competitive
  • Cyberjaya, Selangor, Malaysien Cyberjaya Selangor MY
  • Festanstellung, Vollzeit
  • OCBC Bank (Malaysia) Berhad
  • 17 Jul 18 2018-07-17

Technology Information Security Office (TISO) - Team Lead

TISO serves as an independent IT security function under the Operations and Technology Division responsible for overseeing the overall IT security strategy and security functions.

There are three (3) main functions within TISO Malaysia.

  1. Information Systems Security (ISS)
  2. Security Monitoring (SMU)
  3. Cyber Defense (CD)
Responsibilities
  • Attend regional TISO and IT management meeting
  • Provide technical security advisory and recommend industry good practices to the team members and other internal users
  • Assist and manage cyber security incident handling and response
  • Alternate CSIRT commander
  • Functional specialist for TISO in various risk committees.
  • Able to understand technical reports e.g. vulnerability assessment, technical advisory from vendors and some forensic and investigation reports
  • Provide management and regulatory reporting
  • Coordinator for department regulatory risk assessment and internal control risk assessment, business continuity & disaster recovery plan
  • Familiar with financial and managing budget for department
  • Assist business to attend BNM presentation and meetings when requested (e.g. product presentation and cyber risk meeting)


Qualifications
  • Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience required
  • Relevant technical/professional security certifications (such as: Security+, SANS GIAC, CISSP, CRISC, CISA, CEH or vendor-specific) required
  • 5 years of professional experience in leading Information Security, Cyber security, outsourcing, cloud, risk assessment and management functions
  • Strong research, analysis and problem-solving skills required
  • Solid knowledge of information security principles and practices.
  • Good knowledge of security management and technology security risk assessment is required
  • Familiarity with security controls in the banking environment.
  • Familiarity in assessing the threat landscape against emerging and prevailing security threats.
  • Experience in cyber security incident handling
  • Familiarity with the MAS TRM, BNM, guidelines and others will be an added advantage.
  • Excellent communication and interpersonal skills with good command of English
  • Good communication (spoken and written) skills
  • Some experience leading small teams is helpful