Job Summary

Job Type


Years of Experience
Information not provided

Tech Stacks

Job Description

The Information Security & Technology Risk (ISTR) is ultimately responsible for technology risk and compliance activities, including, but not limited to:

  • Responsible for the adoption from the Group on all Information Security related Policies, Standards, Procedures and Guidelines
  • Responsible for the rollout of the various Information Security related initiatives such as Puppet, CyberArk, ForcePoint, ForeScount, etc
  • Constantly review IT Security policies and procedures to identify vulnerabilities
  • Performing Technology Risk Assessments and Cyber Risk Assessment validation
  • Evaluating third party vendor’s environment for security exposures and providing security expertise for security decisions/risk mitigations
  • Maintain an effective and timely incident reporting
  • Conduct local annual Desktop cybersecurity exercises
  • Participate in Group’s annual CSIRT exercises
  • Responsible for Cortical Application identification process
  • Be part of the Regional Security Governance; attending meeting, Governance enforcement, supporting initiatives
  • Be the single point of contact for all IT audits both internal and external, and to provide Audit Management Actions and follow up on all Audit Items till closure

To be successful, candidate must have the following:
  • Knowledge of Information Security, IT Infrastructure, SDLC, MAS-TRM, Cyber Risk Framework
  • Possess professional security related qualification CISSP, CISA, CISM, CRISC, OSCP
  • Very strong, proven working knowledge of Risk Management, Information Security, Controls practices
  • Hands on experience with DLP tools, such as CyberArk, Splunk
  • Preferably with technical and hands-on background and experience working within a similar function
  • Effective communication skills to influence Business stake holders and senior management to achieve the desired outcome
  • At least 5 years working in a Financial Institution or Public Services in Singapore
  • Possess a broad base of Information Security operations and Compliance knowledge
  • A motivated individual with ability to work independently with minimal supervision
  • Be a team player who is willing to step forward to help other colleagues to achieve the common goals


There are no salaries from Maybank Kim Eng that are similar to this job

View more salaries from Maybank Kim Eng

NodeFlair Insights of Maybank Kim Eng