This role will focus on protecting the bank's IT assets and IT data, adhering to security best practices, compliance and regulatory requirements.
The role duties will include but not necessarily be limited to the following:
Key Responsibilities:
- Manage development, publication, and maintenance of Information Security Policies, Standards and Procedures
- Implement an Information Security Risk Management Framework based on industry cybersecurity frameworks and standards, such as NIST and ISO27001, to help identify, assess, and manage risk across the organisation.
- Manage the ongoing security assessment program in compliance with the MAS Technology Risk Management & outsourcing guidelines
- Collaborate with teams within and outside of Information Security to assess, monitor, and reduce security risk within the organisation.
- Enhance and manage InfoSec risk management processes, including risk identification, assessment, monitoring, remediation, and acceptance.
- Ensure IT systems and applications within our organisation meet the needs of the business while adhering to security best practices, compliance and regulatory requirements
- Provide expert advice and support to the Bank in relation to IT Security & Regulatory changes
- Lead and manage Third-Party / Vendor audits
Key Dimension of Impact:
- Maximize cybersecurity resilience.
- Minimize cybersecurity risks.