Job Description

- Be the main point of contact for all issues pertaining to MoneyOwl CyberSecurity, Corporate IT and DevOps environment(s). 
- Design and lead the cyber security strategy, including but not limited to, Prevention (Firewall, DLP and etc), Threat Detection (internal sensors in place such as IDS, SIEM and etc) and Response (Incident response). 
- Provide advisory and solutioning on new security threats and vulnerabilities, including vulnerability assessments, security reviews of IT systems, network and core applications. 
- Develop, review and execute information security management framework and related IT Security policies within the company, including continuous assessment of IT security practices and policies to improve the security posture of the company. 
- Develop, review and update of the IT Business Continuity Plan. 
- Lead initiatives to assess the adequacy and effectiveness of IT controls and policies, ensuring that business users are compliant to the IS standards (ISO 27001, PDPA and etc). 
- Oversee the development and execution of corporate security awareness and training programs. 
- Lead a Cyber Security (external partners) team to manage end-to-end process across Cyber Security, IT Governance and IT Risk. 
- Enhance early detection capability through leveraging internal security data (Performing analysis of forensic evidence, log data, compromised hosts, and network traffic) and external sources (industry portals and etc) to identify existing gaps in security control and close the gaps. 
- Conduct information security incident investigations and propose relevant corrective and preventive measures. 

Job Requirements

- Diploma or professional certification in Information Technology, Computer Engineering, Computer Science or related fields. 
- At least 8 years’ experience in IT Governance/Compliance and/or IT Security & Operations, System Administration & Operations at least with 3 years of managing a team.  
- Experience in leading cross-functional teams in IT Governance and/or IT Security & Operations and/or System Administration & Operations will be an advantage. 
- Understanding of ITIL concepts, ISO 27001 concepts, MAS TRM and Outsourcing Guidelines. 
- Possess good people and collaboration skills. 
- Good presentation, verbal and written communications skills. 
- Proactive self-starter, resourceful and able to multitask in a dynamic work environment. 
- Meticulous in planning and tracking.