Senior Principal - Information Security Specialist

Senior Principal - Information Security Specialist Join to apply for the Senior Principal - Information Security Specialist role at PayNet (Payments Network Malaysia).

Summary Of Responsibilities

• Enhance governance of processes and systems through data and analytics and automation;
• Assess and manage cyber security risks both current, emerging, and unknown;

Monitor and ensure compliance with cyber security policies and regulatory requirements; and

Transform the overall tech and cyber risk management processes by automation, integration and data-driven approach.

This role is essential in protecting the country's payments ecosystem against evolving cyber threats. In executing this role, you will lead a diverse team and collaborate with the broader departments and divisions in PayNet. You will also take a leading role in elevating the payments ecosystem through implementation of collaborative initiatives.

Key Requirements

Understanding of cyber security risks covering both PayNet and the payments ecosystem

Understanding of international, regional, and local regulatory requirements and guidelines and standards for cyber security, data protection, and privacy specifically for the financial industry

Experience and familiarity in implementing leading practices, standards, frameworks, and guidelines for managing cyber security risks

Experience related to information and cyber security strategy planning, security architecture design and review

Experience and understanding of security operations, security management, IT and network infrastructure, IT operations, technology and solution architecture, cloud architecture, and overall IT operations and IT service management

Familiarity and experience with security technology and solution design and implementation, especially in the areas of security monitoring and detection such as SIEM, SOAR, and overall security operations centre’s operations and management

Experience in managing and leading a team, and ability to work cross-function and cross-domains

Experience in AI / ML, GenAI and LLM, and data analytics will be an added advantage

Additional Requirements

Excellent interpersonal, facilitation, and management skills, along with effective communication (both written and verbal) skills

Strong history of external engagement with industry peers, working groups, and cybersecurity communities

Strong analytical and problem-solving skills

Possess critical and creative thinking skills and a growth mindset

Key Areas Of Responsibilities

Cyber Risk – Enablement and Tooling

Enhance governance processes and systems, leveraging automation, data, analytics and AI

Establish and implement risk-based and threat-based monitoring and reporting utilizing automation and data collection and analysis

Prepare and update information security policies, architectures, standards, and technical documents

Improve cyber security risk management and overall Cyber and Technology Risk operations through process improvements, data analytics, automation and AI

Collaborate with internal teams from various divisions and departments to improve governance and enhance cyber resiliency

Cyber Risk Management

Develop and provide input into cybersecurity risk management strategies aligning to corporate strategy and goals

Enhance cyber risk assessment processes

Perform cyber risk assessment and assist and provide advice on mitigation measures

Participate in other periodic assessments and thematic reviews and provide practical recommendation

Develop and maintain cyber risk monitoring for PayNet’s ecosystem (participants and critical service providers)

Monitor, report, and recommend improvements for cyber security operations

Provide advisory in the areas of cybersecurity to various stakeholders including in forums / committees

Execute business-as-usual activities such as awareness, cyber drills and crisis simulation, and others

Responsible and accountable for implementing strategic cybersecurity initiatives

Collaborate with internal teams from various divisions and departments to cyber risk management – this includes, but not limited to :

Enhancing cloud security posture

Implementing strategies for API security

Automating BAU processes and regulatory requirements such as red teaming, purple teaming, vulnerability assessment, etc.

Compliance

Assess compliance against legal and regulator requirements using modern approaches such as data analytics, automation, and AI

Monitor laws, regulations, industry standards, and ethical requirements related to information security and privacy, and ensure PayNet's compliance

Collaborate with internal teams from various divisions and departments to enhance compliance to legal and regulatory requirements

Payments Ecosystem Cybersecurity Collaboration

Establish collaboration with the payments ecosystem (banks, third party acquires, e-wallets, fintechs and other entities) in the areas of cyber risk management, AI governance, and research and development

Establish collaboration with other internal organisation such as research institution

Qualifications

Degree in Information Technology (IT), Computer Science or other related discipline with relevant experience in managing cyber risk in financial market infrastructures, critical national infrastructure, or other industries

10-15 years or more of experience in cybersecurity, IT, or a combination of both

Experience in managing and leading teams of various sizes

Demonstrated experience in providing security advice to a wide range of stakeholders

Strong project management skills

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Engineering and Information Technology

#J-18808-Ljbffr