Your Role
The Cyber Assurance & Information Security Officer provides support to the IT Risk Head in the following areas:
- Cyber Risk Assessment (CRA) – assesses the cyber security practices of the Bank’s Outsourced Service Providers (OSPs) and mitigates potential risks that could be introduced to the Bank through their operations
- Information Security Risk Assessment (ISRA) – conducts a systematic process by which different units of the Bank identify their information security risks, their likelihood, and their impact, so as to implement plans to mitigate them
- Technology Risk Management – assists in systematically identifying the causes of failure in the organization’s technology-related functionalities, assessing the risk of impact to the business and taking the appropriate risk remediation action
How you can contribute
Cybersecurity risk management
- Plan, implement and monitor reporting mechanisms for governance, cyber security and risk management practices and monitor realistic plans to address areas requiring remediation
- Contribute to the development of organizational strategies for information security and ensure that IT and Business are compliant with agreed quality, performance and standards
- Collaborate with managers to establish channels and methods for collecting data and information to build a compliance dashboard and risk monitoring
- Position the IT Assurance & Cyber Security team as a change catalyst for operational excellence, improved accountability, effectiveness and efficiency
Technology Risk Management
- Perform reviews, analyses, reporting and governance activities to support the development and delivery of IT and Business operations, in line with established policies, procedures and standards, to support continuous improvement and performance of OCISO
- Manage, develop, implement, and review industry standard IT assurance frameworks, policies, procedures and standards; and build a tailored and dynamic assurance plan to establish minimum cyber security requirements
- Act as the point of escalation for the third-party due diligence and review process, and ensure effective monitoring of resolution in compliance with MPI IT Security policy and standards
Your Profile
- Bachelor's degree in Computer Science, IT or a related discipline.
- Cybersecurity/IT Security/Information Security and Technology Risk Management related working experience in the Financial Services Industry (FSI) is an advantage
- Has related experience in an outsourced environment and supplier management
- Has banking experience in developing and implementing security and information assurance strategies, policies, standards, processes and procedures in the Banking and Finance sectors
- IT certification such as CISA, CISM, and ISO 27001 is an advantage
- Knowledgeable in ISO 27001, IT services and operations, risk, audit and compliance
- Good presentation skills and excellent oral and written communication skills