Information Security Risk and Compliance Officer

Celcom Axiata
ashley-avatar-image

AI-generated summary

beta
speech-bubble-tail-image

Oops, looks like Ashley forgot to summarize this job! We apologize for the inconvenience. Please read the complete Job Description for full details and additional information.

Undisclosed

Kuala Lumpur

Full-Time

Job Description

  1. Responsible for maintaining and continuously improving Celcom risk compliance policies, procedures, and guidelines.  
  2. To Maintain internal Celcom compliance program against Celcom Information Security Policy and Procedures and to ensure proper tracking and reporting are in place for internal control reviews and risk assessments.
  3. Assess, identify, select and use various compliance tools to facilitate and automate the compliance program monitoring progress (driving efficiency and effectiveness of compliance process via automation) Develop scripts and automated tools for testing compliance (e.g. access review scripts, minimum baseline compliance scripts, etc.)
  4. Support Information Security and Compliance Manager to perform periodic assessment of the company’s IT / Technology and relevant cyber regulatory compliance, and work with selected Cyber / IT and Technology Controls to document inherent and residual IT compliance risks.
  5. Maintain the maturity level of cyber risk level and ensure proper tracking is in place to improve the maturity level.
  6. Assist with the development and direct Cyber, IT and Technology controls monitoring programs to ensure overall IT / Technology compliance-related risks are managed to the appropriate level of acceptable residual risk.
  7. Support Information Security and Compliance Manager to report the levels of overall compliance risk and control effectiveness to the Cyber Risk & Compliance Lead and Cyber Strategy & Governance Leads.
  8. Collaborate with project planning team to ensure that overall Celcom Information Security governance is achieved in the areas of the Celcom Group IT and Telco Infrastructure and business solutions.
  9. Ability to provide complete and accurate Celcom Information Infrastructure security knowledge with emphasis on the data / information flows and data handling.
  10. Protect company assets by helping to develop security strategies; directing system control development and access management, monitoring, control, and evaluation. Perform other duties as assigned.
  11. Assist in identifying the information security risks and evaluating the potential gaps
  12. Conduct risk assessments of third parties as part of the Vendor Risk Management program
  13. Sustain awareness of external regulations for new or changed requirements (e.g., ISO27001, PCIDSS, etc)
  14. Responsible for maintaining and continuously enhancing Celcom’s compliance and risk management programs
  15. Accountable and being involve with various Celcom Information Security compliance and Risk Management initiatives

Job Requirements

Education Qualification: 
Bachelor degree holder (IT or related technical preferred) with Information Security knowledge 
  • Knowledgeable with following information security risk frameworks: ISO 27001, 27002, NIST 800, COBIT 
  • Knowledgeable with following regulatory compliance: GDPR, SOC 1/2/3, PCIDSS, NIST, PDPA 
  • Following certifications would be added advantage: CRISC, CISA/ CISM/ CISSP 
  • Good understanding of Cyber Risk and Risk Assessment requirements 

Years of Experience: 
At least 3-5 years working experience in IT/ Information Security and or related fields. 
  • At least 2 years of Information Risk Management
  • At least 2 Years in Information Security GRC 

Additional Info

Experience Level

0 - 7 Years of Experience

Job Specialisation

General IT


Company Profile

Celcom Axiata-logo-image

Celcom Axiata

Creating awesome moments for YOU!

Some say we are in the business of telecommunications. We prefer to say we are in a ‘Business to deliver awesome customer experience by opening up your worlds’. Because at Celcom, we don’t just connect people to products and services, instead we help people connect with their world of possibilities.

Our purpose? We want to give you awesomeness at every point in your life, be it at home with your loved ones, to build collaboration at work or even reach out to the community as acorporate citizen. 

Information Security Risk and Compliance Officer

Celcom Axiata

Undisclosed

Kuala Lumpur

Full-Time

This job is no longer available