If you are looking to excel and make a difference, take a closer look at us…

Overview:

As a member of the Security Governance, your primary responsibility will be to ensure the security & resilience of the organization’s digital assets & information systems. You will play a crucial role in defending against cyber threats and safeguarding our critical data/system.

Key Responsibilities:

Establishing security measures around an organization's key assets
Conduct intelligence / threat-based security assessments on critical systems / major applications / networks to identify security risks to brief systems owners of the potential impacts of those risks on their mission.
Security Posture Assessment
- Identification and Validation of Security Flaws
- Firewall config / policies assessment.
Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to continuously improve the organization’s security posture.
Collaborate with other teams to design and implement security solutions that align with the organization’s overall security strategy.
Prepare detailed reports and documentation related to cyber incidents, investigations, and security measures taken.
Risk and Control Self-Assessment (RCSA)- for whole GITS department
- Each item needs to be assessed by weekly, monthly, quarterly, half yearly and yearly basis
- Reconstruct RCSA Template
OSP Review – Ensign
- Required to be review yearly basis
SOP & Policy Review
- All related SOP and policy need to be review by yearly
PWC Audit request
CRMA BNM review
BNM KRI Reports

Jobholder Requirements

A Diploma/Bachelors degree in IT or Information/Cyber Security

Experience

Minimum 3 - 5 years working experience in Information/Network/Cyber Security with project experience
Understanding of cybersecurity concepts, principles, and best practices
Knowledge of network security protocols and systems
Familiarity with firewalls, intrusion prevention systems, and other security tools

Good to have:

Specialized experience in Blue Teaming or experience working within a Security Operations Center performing a variety of the services listed above in the job responsibilities.
Possess a broad knowledge of security methodologies, solutions and best practices
Experience with multiple open source and commercial testing tools; a non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap
Possess advanced understanding of the strengths and weaknesses of security tools with the ability to select the right tool for the job; ability to configure and troubleshoot tools if necessary
Ability to analyze network traffic and identify potential threats
Knowledge of malware analysis and remediation techniques
Understanding of risk management and compliance requirements
Good communication and problem-solving skills
Attention to detail and the ability to work under pressure

About Hong Leong Bank

We are a leading financial institution in Malaysia backed by a century of entrepreneurial heritage. Providing comprehensive financial services guided by a Digital-at-the-Core ethos has earned us industry recognition and accolades for our innovative approach in making banking simpler and more effortless for our customers. Our digital and physical offerings span across a vast nationwide network in Malaysia, strengthened with an expanding regional presence in Singapore, Hong Kong, Vietnam, Cambodia, and China.

We seek to strike a balance between diversity, inclusion and merit to achieve our mission of infusing diversity in thinking and skillsets into our organisation. Candidates are assessed based on merit and potential, in line with our mission to attract and recruit the best talent available. Expanding on our “Digital at the Core” ethos, we are progressively digitising the employee journey and experience to provide a strong foundation for our people to drive life-long learning, achieve their career aspirations and grow talent from within our organisation.

Realise your full potential at Hong Leong Bank by applying now.