Responsibilities Governance & Compliance:
- Develop, implement, and maintain security policies, procedures, and standards in line with industry best practices (ISO 27001, NIST, CIS, etc.).
- Ensure compliance with regulatory requirements (MAS TRMG, CCoP).
- Assist in internal audits and security assessments to identify gaps and recommend corrective actions.
- Support third-party risk assessments and vendor security compliance.
Risk Management:
- Conduct risk assessments and identify potential security threats, vulnerabilities, and mitigation strategies.
- Develop and maintain a security risk register, tracking risk treatment plans and progress.
- Monitor emerging security threats and ensure proactive risk management strategies.
- Assist in business continuity and disaster recovery planning related to security risks.
Security Awareness & Training: