Permodalan Nasional Berhad (PNB): 1) AVP, Governance & Business Security 2) AVP, Security Strategy, Architecture & Planning 3) Manager, Security Strategy, Architecture & Planning 4) AVP, Cyber Monitoring & Defense Centre 5) Manager, Cyber Monitoring & Defense Centre 6) AVP, Cyber Security Technology & Devices 7) Assc. Manager, Cyber Security Technology & Devices Management 8) Assc. Manager , Data Security and Protection

 


Hiring:

1) AVP, Governance & Business Security
2) AVP, Security Strategy, Architecture & Planning
3) Manager, Security Strategy, Architecture & Planning
4) AVP, Cyber Monitoring & Defense Centre
5) Manager, Cyber Monitoring & Defense Centre
6) AVP, Cyber Security Technology & Devices
7) Assc. Manager, Cyber Security Technology & Devices Management
8) Assc. Manager , Data Security and Protection

If you are interested in being part of our exciting journey and growing with #TeamPNB, please send your CV to:

recruit@pnb.com.my

by 27 September 2023 with the subject: AVP, Governance & Business Security / AVP, Security Strategy, Architecture & Planning / Manager, Security Strategy, Architecture & Planning / AVP, Cyber Monitoring & Defense Centre / Manager, Cyber Monitoring & Defense Centre / AVP, Cyber Security Technology & Devices / AM, Cyber Security Technology & Devices Management / AM, Data Security and Protection

(Source: Nazirah Khalid, 2023)

More info:
----------------------

1) AVP, Governance & Business Security

Job Responsibilities:

- Directly responsible for policies, procedures and controls to assure compliance with applicable regulatory, legal and audit requirements as well as good business practices.
- Develop and manage an information security risk management program including development, evaluation, and adherence to multiple areas of practice.
- Develop a risk strategy that identifies and classifies risks, defines appropriate tolerances, prioritizes mitigation activities, and measures risk levels using the CMMI Cyber Maturity / NIST CSF Framework.
- Establish and oversee formal risk analysis and self-assessments program for various information services, systems, processes and recognized industry standards.
- Identify, assess, manage, and track remediation of risks related to IT infrastructure, applications, platforms and suppliers and drive explicit requirements and timelines in all environments.
- Develop strong relationships with external audit and key stakeholders to ensure risk management oversight is understood, managed appropriately and current with all standards, guidelines, and regulations that are applicable.
- Liaise with all departments to identify, track and provide remediation guidance for new projects, services and/or third-party contracts in terms of information security assurance.
- Oversee highest risk initiatives and serve as a point of escalation for remediation/mitigation efforts
- Develop security compliance strategy and approach and ensure compliance with regulatory requirements, local laws, contractual requirements and globally-recognised standards and guidelines.
- Identify regulatory, legislative, and industry specific compliance requirements and define controls that can be used to meet those requirements.
- Oversee third party assessment standards and privileged user monitoring as a check on critical systems’ access.
- Build out and maintain current Governance Risk Compliance tools and processes within information security to provide visibility and transparency

Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 10 years working experience in related field
- Strong knowledge of security frameworks such as ISO 27001, NIST, CIS and COBIT
- CISSP (Certified Information Systems Security Professional) qualification is key
- CISM (Certified Information Security Manager)
- CISA (Certified Information Systems Auditor)

----------------------

2) AVP, Security Strategy, Architecture & Planning

Job Responsibilities:

- Start all planning and architecture process with strict adherence to PNB principles.
- Responsible for pragmatically embedding PNB’s Information security Policies, guidelines and standards across all platforms and services.
- Engage with enterprise architecture team to ensure security is a part of all architectural standards and processes.
- Define methodology, conduct architecture security assessments, and address any findings by supporting solution implementation to produce DevSecOps platforms that includes people, process, and technology operating models.
- Take ownership of security issues cleanup within legacy application and achieve pragmatic and measurable objectives.
- Develop Project Initiation Document, requirements; collaborate with stakeholders and project resources and support vendor & equipment selection.
- Partner with relevant functions and pillars to develop and document security governance framework for projects and establish - Platform / infrastructure Threat modelling technology and processes.
- Coordinate and effectively communicate architectural vulnerabilities with supporting risk statements and realistic mitigation options to stakeholders.
- Work with the Information Security Team and other Technology / Business / Enabling Function pillars to improve efficiencies within security operations, monitoring, and governance by leveraging existing capabilities or by introducing new capabilities.
- Socialize security policy, standards, and guardrails across relevant areas of the organization - empowering and educating people to build secure and compliant systems.
- Support Cybersecurity operations team during and after security incidents and develop mitigation plan to avoid future occurrences.
- Assisting internal stakeholders to understand not just the technology aspects of security but to balance these with people and process aspects to create a coherent overall approach.

Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 10 years working experience in related field
- CISSP (Certified Information Systems Security Professional) and CISM (Certified Information System Manager) qualification is key.
- Advanced understanding of security protocols, cryptography, and security.
- ITIL certification would be an added advantage.

----------------------

3) Manager, Security Strategy, Architecture & Planning.

Job Responsibilities:

- Lead a team of security professionals in developing and implementing security strategies, architectures, and plans to protect the organization's assets and data.
- Collaborate with other members of the security team, IT staff, and business stakeholders to understand security requirements and develop solutions to meet those requirements.
- Conduct security risk assessments and provide recommendations for mitigating risks.
- Develop and maintain security policies, standards, and procedures.
Participate in incident response activities and investigations as needed.
- Stay current with industry trends, emerging technologies, and new threats to ensure that the organization's security strategy remains up-to-date and effective.
- Work with third-party vendors to ensure that their products and services meet the organization's security requirements.

Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 8 years working experience in related field
- CISSP (Certified Information Systems Security Professional) and CISM (Certified Information System Manager) qualification is key.
- Advanced understanding of security protocols, cryptography, and security.
- ITIL certification would be an added advantage.

----------------------

4) AVP, Cyber Monitoring & Defense Centre

Job Responsibilities:

- Alternate to Head and manage incident response by investigating and performing analysis on every aspect of an incident.
- Monitor and analyse issues. Escalate cases with a focus on alerting, reporting, and risk mitigation.
- Hands-on work on utilizing Threat Intelligence platforms and tooling within a Cyber Security or Cyber Defense function.
- Contribute with your knowledgeable of current tactics, techniques, and procedures (TTP) used by threat actors and practical application of the MITRE ATT&CK framework or similar.
- Proactively investigate, analyse, handle, and resolve security incidence using threat intelligence.
- Evaluate new security solution, and collaborate with other departments for deployment of new technologies.
- Provide actionable intelligence to drive threat hunting.
- Own the use of intelligence tooling to collect useable and actionable intelligence against specific requirements.
- Work cross-functionally to review existing policy and procedures, as well as developing new ones when appropriate.


Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 10 years working experience in related field
- Have experience on Log Management or Incident Response Platform, OWASP top 10, malware, computer intrusion, identity theft, denial of services, and other potential security threats.
- Knowledge on threat intelligence, incident response in cloud and containers, security principles, techniques and technologies
- Well-developed analytical skills to understand security and intelligence threats.

----------------------

5) Manager, Cyber Monitoring & Defense Centre

Job Responsibilities:

- Collect, process, and disseminates cyber threat intelligence.
- Prepare and maintain the tools and security technologies to be incident respond ready.
- Preserve and collect digital evidence during an incident.
- Analyse digital evidence and investigate computer security incident to determine the scope of the incident, root cause, impact and mitigation plan.
- Develop and review, regularly test, rand update the identified use cases, security playbooks and response plan.
- Support the evaluation and acquisitions of information security system/tools/hardware as requested.
- Provide reports on the security posture of the enterprise using security analytics and information gathered from security monitoring.
- Research on current and high impact tracts to the enterprise and provide recommendation to close any security gaps.


Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 8 years working experience in related field
- Have experience in Threat and vulnerability management, Incident response and handling, Security monitoring.

----------------------

6) AVP, Cyber Security Technology & Devices

Job Responsibilities:

- Develop and implement standard operating procedures (SOPs), processes, procedures, tools, and documents for security operations and Managed Security Services (MSS) to ensure streamlined workflow and adherence to best practices.
- Assist in managing and leading professional and administrative staff to process, formulate recommendations and to otherwise make decisions in respect of all types of new services.
- Assist in enhancing managed security services portfolio based on new and existing technologies (especially security solutions) and customer requests.
- Evaluate security technologies and third-party services that provide the most value and are best suited for the organization.
- Co-ordinate with the VP to manage the allocated staff, financial and other resources effectively.
- Address customer concerns in reference to products, services rendered, or employee interactions.
- Contribute to the strategic growth and development of the services within the organization, as well as exploring new areas for growth.
- Conduct research on requests for new cyber managed services and changes to existing services.
- Provide recommendations and/or alternatives to the requested service catalogue changes.
- Provide support and guidance to the operational teams to ensure compliance with the contract requirements.
- Propose new internal IT tools, initiatives, and processes to improve the efficiency and security of the organization's infrastructure.
- Assist in managing and enhancing the quality of project management (people, processes, and business environment).
- Assist in leading or managing complex engagements and mentoring less experienced teams.
- Maintain constant communication with management, service, project and operations delivery teams, and vendors to ensure proper operations of the organization.

Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 10 years working experience in related field
- Endpoint Security training, such as courses on Endpoint Detection and Response (EDR) or Endpoint Protection Platform (EPP) tools, Infrastructure Security training, such as courses on secure network design and architecture, identity and access management (IAM), cloud security, and network security protocols.

----------------------

7) AM, Cyber Security Technology & Devices Management

Job Responsibilities:

- Assist in implementing standard operating procedures (SOPs), processes, procedures, tools, and documents for security operations and Managed Security Services (MSS) to ensure streamlined workflow and adherence to best practices.
- Assist in managing and leading professional and administrative staff to process, formulate recommendations and to otherwise make decisions in respect of all types of new services.
- Support in enhancing managed security services portfolio based on new and existing technologies (especially security solutions) and customer requests.
- Assist in evaluating security technologies and third-party services that provide the most value and are best suited for the organization.
- Collaborate with the Manager to manage the allocated staff, financial and other resources effectively.
- Address customer concerns in reference to products, services rendered, or employee interactions.
- Conduct research on requests for new cyber managed services and changes to existing services.
- Provide recommendations and/or alternatives to the requested service catalogue changes.

Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 4 years working experience in related field
- Endpoint Security training, such as courses on Endpoint Detection and Response (EDR) or Endpoint Protection Platform (EPP) tools, Infrastructure Security training, such as courses on secure network design and architecture, identity and access management (IAM), cloud security, and network security protocols.

----------------------

8) AM, Data Security and Protection

Job Responsibilities:

- Collate and review data inventory with respective department data stewards/ 3rd parties to ensure risk areas are identified and mitigated. Ensure encryption controls are applied for sensitive data.
- Perform assessment/review/proof of concept of various encryption and key management technology including those related to endpoint, database, file/folder, tokenization, cloud and big data environments.
- Develops, tracks and analyses actionable metrics to continuously improve tooling and procedures and provide visibility of operations to management.
- Tracks, analyses and reports logs/alerts/escalations related to data usage/transfers/shares/violations.
- Documentation of security implementation/ operational manuals and developing configurations to meet business requests.
- Manages and continuously enhances the capabilities within Data Security and Protection service portfolio.
- Develop and ensure effective security communications with users, stakeholders and external parties (where required).
- Point of contact for resolutions on data security and protection issues with internal and external parties to PNB.


Requirement:

- Applicants must possess at least a Bachelor’s Degree in Computer Science / Information Technology / Information Security or any related field
- Minimum of 4 years working experience in related field

----------------------


Comments

Post a Comment

Popular posts from this blog

PETRONAS: Fresh Graduates: 1. Executive Electrical Eng.) 2. Executive (Instrument Eng.) 3. Execute(Mechanical Eng.) 4. Technician (MT - Civil Eng.) 5. Technician (MT - |Mechanical Eng.) 6. Technician (MT - Process Operation) 7. Technician (MT - Process Technology) 8. Technician (MT - Electrical Eng.) Experienced Hires: 1. Manager (Analytical Technology - U&T) 2. Executive (Civil & Structural) 3. Executive (DCS/PLC-MLNG Tiga & T9) 4. Executive (SE-Unfired) 5. Executive (Plant Inspection) 6. Executive (Process Engineer) 7. Executive (Protection & Control-P1&P2) 8. Technician (MT - Inspection) 9. Technician (MT - Instrument Eng.)

Image
  Hiring:  Fresh Graduates: 1. Executive Electrical Eng.) 2. Executive (Instrument Eng.)  3. Execute(Mechanical Eng.) 4. Technician (MT - Civil Eng.) 5. Technician (MT - |Mechanical Eng.) 6. Technician (MT - Process Operation) 7. Technician  (MT - Process Technology) 8. Technician (MT - Electrical Eng.) Experienced Hires: 1. Manager (Analytical Technology - U&T) 2. Executive (Civil & Structural) 3. Executive (DCS/PLC-MLNG Tiga & T9) 4. Executive (SE-Unfired) 5. Executive (Plant Inspection) 6. Executive (Process Engineer) 7. Executive (Protection & Control-P1&P2) 8. Technician (MT - Inspection) 9. Technician (MT - Instrument Eng.) Email to: mismawie.idris@petronas.com Deadline: 1st April 2023 (Source: Azril Hisham Kamal Bashah, 2023)
Read more

Maybank: Management Trainee (BMELP) Fresh Graduates

Image
Maybank (Perak Branch) is hiring for the following position: Branch Management Entry Level Program (BMELP) For fresh graduates This BMELP provides a structured development program to provide potential fresh graduate talents to meet the future demand for key roles at our Maybank branches especially in Region Perak.  About BMELP Program: -The BMELP is a talent management programme where fresh graduates are recruited and developed. -To build a bench strength of talent pool potential for Branch/Centre management key positions. -To equip them with a strong foundation of branch operations through classroom learning and on the job learning. -To prepare them to be accelerated in their first branch management role within the desired timeline.   Entry Requirements: -Candidates must possess at least a Bachelor’s Degree in any related Degree, preferably in Accounting/Finance/Banking/Commerce/Engineering or any Business related. -Candidates should have strong command of written and spoken English.
Read more

IJM Corporation: Contracts Exec & Manager (QS) / Engineer / Project Exec & Manager / Safety & Health / Architectural / Land Surveyor

Image
  IJM is hiring for the following positions (refer image below for details): Contracts Exec & Manager (QS) Engineer (C&S/M&E/Planning) Project Exec & Manager Safety & Health Environmental Construction Manager Land Surveyor Supervisor Architectural Apply here:  https://docs.google.com/forms/d/e/1FAIpQLSf6J0iRHWwNvvP5qzq1DRewqcIEfewOO8l5Uxq7nqW1jq_I6A/viewform More info and can apply here too:  https://careers.ijm.com/ (Source: IJM, 2022)
Read more

MARA: DG41 Pegawai Perkhidmatan Pendidikan (Pelbagai Subjek) Guru MRSM

Image
  MARA: DG41 Pegawai Perkhidmatan Pendidikan (Guru MRSM) Subjek: a. Bahasa Inggeris b. Bahasa Melayu c. Bimbingan & Kaunseling d. Biologi e. Fizik f. Kimia g. Geografi h. Logistik i. Matematik j. Media k. Pendidikan Islam l. Pendidikan Islam (Tahfiz) m. Pendidikan Jasmani & Pendidikan Kesihatan n. Pengajian Makanan / Bioteknologi Makanan o. Pengurusan Perniagaan p. Prinsip Akaun / Perakaunan  q. Reka Bentuk Teknologi r. Sains Komputer s. Seni Persembahan t. Seni Reka Grafik Mohon disini:  https://www.mara.gov.my/peluang-kerjaya-bersama-mara-dg41/ (Source: MARA, 2022)  
Read more

Sapura Energy Berhad: Graduate Engineer and Non Engineer Programme

Image
  Graduate Engineer and Non Engineer Programme with Sapura Energy Berhad. Criteria • Malaysian citizen not more than 26 years old. • Bachelor's Degree holder with minimum CGPA of 3.5 , recognized by Board of Engineer Malaysia (BEM) (Engineering) and recognized Higher Learning Institution (Non-Engineering) • Unemployed or under-employed in non-relevant areas of graduate's qualifications Meet the criteria?, drop your most updated CV and latest transcript to  graduate@sapuraenergy.com (Source: Najib Rahman, 2023)
Read more

Sime Darby Property: Procurement / Finance / Marketing / Graphic Designer / Leasing / MARCOM / Customer Service / Risk

Image
  1. Executive, Finance (Consolidation) - Preferably with an Audit background handling reporting and consolidation. Needs ACCA or ICAEW or CPA 2. Executive, Finance - Preferably with Property Development experiences. 3. Executive, Digital Marketing - Experiences in planning and executing digital advertising & marketing strategies for Marketing & Sales. Handle Social media. 4. Executive, Graphic Designer 5. Officer, Procurement 6. Officer, Finance 7. Officer, Finance (Account Payable) 8. Executive and Senior Executive, Leasing 9. Senior Executive, Risk 10. Assistant Manager, Risk - Experience in governance is preferred (Risk, Audit, and Internal Audit). Experience in ESG Risk Management and BCP is added advantage 11. Executive, MARCOM 12. Officer, Customer Service Before sending your resume do put the subject as " Application for (Job Position)" Interested qualified candidates may submit your applications to: careers@simedarbyproperty.com or you can apply through  http
Read more

SLB: 1) Fresh Graduates in Engineering (Petroleum/Mechanical/Chemical/Electronics/Civil/Equivalent)

Image
  SLB in Malaysia is actively hiring fresh graduate with a Diploma in Engineering. Interview date : 6th to 7th February 2024 Venue : Kuching, Sarawak To apply, candidates must submit their application via https://lnkd.in/g34TeVST no later than 4th February 2024, and email us at SEA-Recruitment@slb.com  Secure your seat and grab this opportunity to join our team! Warning on recruitment fraud – SLB never asks for payment to any reason. Please do not send money or pass any personal details to anyone suggesting they can provide employment with us. We will never ask potential job-seekers for any sort of advance payment as part of the recruiting or hiring process. For more information please visit: https://lnkd.in/gC5H2ZyT (Source: SLB, 2024)
Read more

Duopharma Berhad: ProGrad (Management Trainee) for Fresh Grads

Image
  **ProGrad**   is our accelerated career development programme designed to equip talented young graduates to become future business leaders. **Duration : ** ProGrad is a 24 months program **Area /Scope :** You have the option of joining either in the area of manufacturing, technical or commercial / Office Support. **Job Rotations** : You will be rotated to various departments in the 1st year. And in the second year, you will be placed in the department that you are most suitable in. **What will you get in your learning Journey** * On-the-job Training * Formal Training * Coaching / Mentoring * Real-life Business Case Challenge * Project Assignments * Job Rotations **What it takes to join us :** * Minimum degree with CGPA of 3.0 and above * Age 25 & below * Excellent communication & interpersonal skills “Make the smarter choice to have a better career”. (Source: Duopharma, 2022) Apply here: https://www.joincareerfair.com/job/duopharma-biotech-berhad-2112-prograd/ OR Submit your
Read more