About the Role:

As our Head of Information Security Officer, you'll be the architect of this fortress, safeguarding our customers' data and ensuring the resilience of our innovative platform. You'll be the vanguard against cyber threats, shaping the future of secure digital banking in Malaysia. Reporting directly to senior management and the board, you'll be a key player in driving our vision of a secure, trustworthy, and revolutionary financial ecosystem.

Your mission:

• Act as the Head of Information Security Officer of the Bank and responsible for the oversight and governance of technology, information, and cyber risks across the Bank, and to ensure that information and technology assets are adequately protected.
• Responsible for developing and implementing technology risk management, information security and cyber resilience policies and frameworks across the Bank.
• Report on and advise Senior Management and the Board regarding prevailing and emerging technology and cyber risks, cyber threat landscape and effectiveness of the Bank’s technology risk management and cyber resilience frameworks.
• Advise on the development and implementation of the Bank's information and cyber security strategies, which align with the Bank’s goals and objectives and relevant regulatory requirements i.e. RMiT.
• Ensure the security of customer data, which includes implementing appropriate control measures, and that these are supported with effective risk oversight and governance.
• Conduct security risk assessments across the Bank, identify gaps and vulnerabilities, and provide recommendations and areas for improvement, where required.
• Work with the First Line of Defense to advise on the resolution and/or remediation of cyber incidents, including responding to incidents, recovery and remediation actions, and communicating with relevant stakeholders and regulators.
• Build and lead a team of security and technology risk professionals, and ensure that they are trained, mentored, motivated, and aligned with the Bank's overall strategy and goals.
• Ensure that the Bank's information and cyber security practices comply with applicable regulatory requirements, including those related to data privacy, technology risk and information security.
• Collaborate with business and functional units across the Bank, understand their information security needs and provide advice, and facilitate technology risk management and risk assessment processes.
• Develop risk metrics to measure the effectiveness of the Bank’s information and cyber security programs, and support driving the maturity of the programs over time.
• Drive the information and cyber security awareness programs for the Bank’s employees.
• Ensure that data protection impact assessments (DPIAs) are conducted where necessary.
• Identify and mitigate data protection risks across the organization.
• Serve as the Data Protection Officer (DPO) as the primary point of contact for the Department of Personal Data Protection(JPDP).

What You'll Bring:

• A Visionary Security Mindset: A passion for pioneering security solutions in the ever-evolving digital banking landscape.
• Cybersecurity Mastery: Extensive experience in developing and implementing comprehensive security strategies.
• Strategic Leadership: Proven ability to lead and inspire high-performing security teams.
• Regulatory Acumen: A deep understanding of banking regulations and data privacy requirements.
• Exceptional Communication: The ability to articulate complex security concepts to diverse audiences.
• A Relentless Drive for Innovation: A commitment to staying ahead of the curve in the fight against cyber threats.
• A Bachelor’s or Master’s Degree: In Computer Science, Information Security, or a related field.