Information Security Governance, Risk and Compliance

Celcom Axiata
ashley-avatar-image

AI-generated summary

beta
speech-bubble-tail-image

Oops, looks like Ashley forgot to summarize this job! We apologize for the inconvenience. Please read the complete Job Description for full details and additional information.

Undisclosed

Kuala Lumpur

Full-Time

Job Description

  1. Advice the Head of Information Security / Cyber Strategy and Governance in the development of all technology compliance policies.
  2. Collaborate with project planning team to ensure that overall Celcom Information Security governance is achieved in the areas of the Celcom Group IT and Telco Infrastructure and business solutions.
  3. Assess, identify, select and use various compliance tools to facilitate and automate the compliance program monitoring progress (driving efficiency and effectiveness of compliance process via automation).
  4. Act as SME in the periodic assessment of the company’s IT / Technology and relevant cyber regulatory compliance, and work with selected Cyber / IT and Technology Controls to document inherent and residual IT compliance risks.
  5. Provide an advice in relation to the convergence of networks and systems from a technical, product and process perspective
  6. Assist with the development and direct Cyber, IT and Technology controls monitoring programs to ensure overall IT / Technology compliance-related risks are managed to the appropriate level of acceptable residual risk.
  7. Lead the Report the levels of overall compliance risk and control effectiveness to the Cyber Risk & Compliance Lead and Cyber Strategy & Governance Leads.
  8. Develop and document root cause analysis for security incidents and control failures, including exception approvals and waivers.
  9. Ability to provide complete and accurate Celcom Information Infrastructure security knowledge with emphasis on the data / information flows and data handling.
  10. Contributes in preparing budgets for the solutions and provide inputs for the yearly organization budgets business plan.
  11. Protect company assets by helping to develop security strategies; directing system control development and access management, monitoring, control, and evaluation. Perform other duties as assigned.

Job Requirements

Education Qualification: 
Bachelor degree holder (IT or related technical preferred) with Information Security knowledge 
  • ISO 27001 Implementer / Lead Auditor 
  • CRISC (would be added advantage) 
  • CISA / CISM/ CISSP (would be an advantage) 
  • Good understanding of Information security related standards and best practices (these include ISO 27001, NIST, PDPA, PCI-DSS, Cybercrime act, CSA, IETF,TIA, ETSI etc.) 
  • Good understanding of Cyber laws and Law enforcement requirements. 
 
Years of Experience: 
At least 7-10 years working experience in IT Security and or related fields 
  • At least 7 years of Information Risk Management 
  • At least 4 years in Information Security GRC 

Additional Info

Experience Level

0 - 7 Years of Experience

Job Specialisation

General IT


Company Profile

Celcom Axiata-logo-image

Celcom Axiata

Creating awesome moments for YOU!

Some say we are in the business of telecommunications. We prefer to say we are in a ‘Business to deliver awesome customer experience by opening up your worlds’. Because at Celcom, we don’t just connect people to products and services, instead we help people connect with their world of possibilities.

Our purpose? We want to give you awesomeness at every point in your life, be it at home with your loved ones, to build collaboration at work or even reach out to the community as acorporate citizen. 

Information Security Governance, Risk and Compliance

Celcom Axiata

Undisclosed

Kuala Lumpur

Full-Time

This job is no longer available