SM/AD - IT Assurance (Investment Banking)

Job Duties

• Perform thorough security and assurance assessments on technology systems, infrastructure, and processes.
• Develop and implement security controls and measures to protect our organization's data and assets.
• Analyze security risks, identify vulnerabilities, and propose effective mitigation strategies.
• Manage external parties to perform information security assessment including but not limited to; vulnerability scanning, penetration test, technical security architecture assessment, etc.
• Propose, review and validate security architecture, designs and changes to ensure security is an integral part of the project delivery teams without compromising business objectives
• Conduct third-party cyber risk assessment to ensure security of organization systems and data in third-party environment.
• Engage in daily tasks required to execute the controls, policies, and procedures on security and compliance initiatives
• Maintain relevant Cybersecurity / Technology risk policies and procedures
• Collaborate with cross-functional teams to ensure compliance with Group security standards, policies, and regulations.
• Stay up-to-date with the latest security threats, trends, and best practices, to provide expert guidance and support to Group and regional teams on security matters.
• Foster strong relationships with stakeholders, including Group/regional teams, vendors, and external partners, to promote a secure and collaborative environment.
• Perform other duties as assigned by the supervisor.

Job Requirements

• 7+ years of relevant experience in IT Security/Security Assurance Testing
• Knowledge of security frameworks such as ISO 27001, NIST, CIS.
• Experience in conducting security control assessments and risk analysis. 
• Familiar with security tools and technologies suych as SIEM, Intrusion detection systems etc.
• Plus if knowledgeable on cloud technologies such as AWS.
• CISA/CISSP/CCSP holder