Senior Info Security Manager

  • Competitive
  • Kuala Lumpur, Federal Territory, Malaysia
  • CDI, Plein-temps
  • Standard Chartered Global Business Services Sdn Bhd
  • 16 janv. 19

Senior Info Security Manager

Group Information Security - Technology & Operations

Business Title: Senior Info Security Manager
Function: Identity & Access - PID Management
Location: Kuala Lumpur
Job Grade: G

Security Technology Services (STS) is a critical function within Standard Chartered Bank. It is the STS mission to protect the Bank from information security threats by delivering effective information security services, responding to security incidents and educating staff. The STS team is instrumental in ensuring the Bank soundly meets its commitments to internal and external stakeholders and maintains an appropriate cyber security defence posture. Furthermore, the STS team plays a significant part in the Bank's 'Here for Good' vision and brand promise.

The importance of our mission has strengthened over time and is a principle concern for shareholders, clients, regulators and the communities we operate in. Our Banks success depends on the Group Information Security Function to maintain the correct balance of security capabilities and risk management across the all businesses and functions across our global footprint.

Main Purpose of Job:
The Senior Information Security Manager role sits within STS Identity Access- Privileged ID (PID) Management team. T he main responsibilities will be to support the Head/Senior Manager of PID Management in delivering a well controlled PID management service that is both compliant with industry security best practice standards and allowing for timely withdrawal of PID according to established process and procedure for authorized change implementation or service resumption. Also establish a robust process that will allow for timely vault back of PIDs upon expiry of usage period using the Bank's authorized Privilege ID Manager Tool. The person will also assist to ensure availability of a stable PID service and enhance security risk program on PID usage within the Bank through efficient resource planning and allocation, forward planning of periodical process reviews in ensuring currency with best practices, providing guidance to the team, and developing relationships with stakeholders and parties across the Bank in driving for a more controlled PID usage.

Key Roles & Responsibilities:

    Enhance PID management service to comply with industry security best practice standards and meets the Bank's requirement on timely availability of PIDs for authorized change implementation and/or service resumption. Interact with all levels of management within the Bank while providing security service to authorized support teams across all of the Bank's regions. Effectively communicate and manage relationships with stakeholders globally. Manage team members to effectively deliver secured & timely PID service which is fully compliant with established documented processes.
· Provide coaching, support and career development to team members.
· Assist in ensuring compliance with relevant regulations covering PID management and security access management.
    Assist in the development of new/amended processes, innovative ways of working and reviewing risk and control assessments. Assist in the forward planning of periodical process review to manage anticipated future growth in volume and resource allocations.
· Manage a register security risks related to Security PID management and ensure that deficiencies are mitigated.
· Monitor and report on PID management security risk compliance to stakeholders.
· Support any training and awareness initiatives relating to PID management security risk.

Qualifications & Skills:
· 6 - 10 years of relevant experience in IT; out of which at least 3 - 5 years experience in Identity & Access / IAM / Information Security, on large and complex projects/operations.
· 3 - 5 years of experience in Banking and Financial services sector.
· In-depth understanding of IAM and service management concepts.
· Detail oriented, highly organized and able to handle a variety of tasks in an efficient manner.
· Ability to collect and analyze data, establish facts and make recommendations in written and oral form
· Possess strong decision making, communication, interpersonal and leadership skills
· Ability to work well autonomously and within a team environment
· Strong business / client engagement skills
· Time management skills with the ability to effectively follow up and track information
· Experience working in a geographically dispersed team is an added advantage
· High level of competence with MS Office
· Having Diploma or Bachelor Degree in Engineering, Computer Science / Information Technology or its equivalent
· Having relevant certifications like CISSP, ITIL will be an added advantage