Senior Information Security Specialist

SUMMARY OF RESPONSIBILITIES

• Operationalize Data Security Posture Management (DSPM) tool and maintaining Data Loss Prevention (DLP) solutions
• Analyze data security risks and develop strategies to mitigate identified risks
• Identify gaps/vulnerabilities in relation to data security, ensure proper data security measures, and monitor compliance to local regulatory requirements
• Refine DSPM policy on a regular basis
• Stay up-to-date with the latest developments in data security and implement best practices to protect the organization's data

KEY REQUIREMENTS

1. Experience in operationalizing DSPM and DLP solutions and identifying security gaps
2. Knowledge of relevant data security related regulations and standards, such as FSA/iFSA, PDPA, MCIPD, etc.
3. Ability to stay current with the latest developments in data security
4. Good communication, collaboration, and presentation skills. Ability to explain complex concepts in plain language and graphics, and in business and layman terms

The following technical experience and understanding will be an added advantage:

1. Understanding and have experience in evaluating or implementing various data security related solutions and technologies, such as data vault
2. Familiar with the latest regulatory frameworks related to data security and cybersecurity
3. Familiar with the technology stack in data storage and repository architectures such as data lakes
4. Familiar with the design and implementation of data security controls such as tokenization

KEY AREAS OF RESPONSIBILITIES

1. Operationalize the DSPM and maintaining DLP solution to ensure continuous monitoring of data security posture across the organization
2. Identify and mitigate vulnerabilities and gaps in relation to data security measures
3. Regularly refine the DSPM and DLP policies based on evolving security needs and regulatory changes
4. Strategise and monitor the data security mitigating controls for the purpose of an independent assurance of its effectiveness in mitigating the risk of data breach
5. Develop, review and update data security related policies and procedures
6. Collaborate with other teams (i.e. Service Management, Risk and Controls) to ensure data security measures are integrated into all aspects of the organization's operations
7. Execute ad-hoc assignments as instructed by the CISO and Senior Director of Risk & Compliances

QUALIFICATIONS

TECHNICAL COMPETENCIES

• Practical experience in data security and protection
• Understanding of data security laws and regulations

MINIMUM QUALIFICATIONS

• Degree in Information Technology (IT), Computer Science or other related discipline with relevant experience in managing cyber risk in financial market infrastructures, critical national infrastructure, military, security intelligence or equivalent
• 2-5 years (or more) of working experience in information security or a related field

ADDITIONAL REQUIREMENTS

• Excellent interpersonal skills along with effective communication (both written and verbal) skills
• Strong analytical and problem-solving skills, with a critical and creative thinking mindset