Security Operations Lead

Security Operations Lead

AXA Group Operations Malaysia Sdn Bhd
Kuala Lumpur
7 - 10 Years
Not Specified

Job Description

Job purpose:
  • Drive effective teamwork, communication, collaboration and commitment to deliver application and infrastructure vulnerability remediation’s across regional and local applications
  • Manage a consolidated view of security issues and remediation plans and report on this
  • Support remediation activities for major security incidents
  • Ensure Security Compliance and effective processes across application and infrastructure
  • Enhance Security Capabilities and tooling which enables operational efficiency for all relevant Information Security areas applicable
  • Act as single point of contact within Service Delivery organization for security related activities, collaborate across organizational boundaries (e.g. Solution Delivery, Regional & local CISO’s, vendors, etc.)
  • Participate and support Security Programs/Projects
  • Contribute to Audit relevant investigations and their management action plans to remediate the discovered risks
Key responsibilities – accountabilities
Job Description

  • Security Risk & Issue Tracking & Resolution
  • Work in a Security function, have oversight of, and drive improvements, in the AXA GO Asia control environment.
  • Act as subject matter expert to the business and to other members of the Security team as required.
  • Proactively investigate new threats to the business and propose solutions to address them.
  • Provide oversight of, and drive Security improvements in, internal service providers and critical third-party suppliers’ control environments.
  • Assist the rest of AXA GO Asia producing risk assessments as required.
  • Ensure AXA Security policies are met and maintained.
  • Provide Security requirements, and input, into projects.
  • Liaise with the Global/Regional Security Teams and/or Group Security and/or the other AXA GO ASIA Chapters (e.g. Risk/Compliance Team, Networks, End User Services, Distributed, etc.) to support assurance of
  • Security Frameworks and Security Baseline control effectiveness.
  • Support audit activity.
  • Collaborate with GO and local entities security and engage with Solution Delivery & Service Delivery teams to walkthrough the security vulnerabilities and seek mitigation action plans with timelines for each of security vulnerability in line with the defined SLA
  • Ensure all committed security vulnerabilities mitigation plans are recorded and captured accurately in the agreed and defined management tools.
  • Ensure a consolidated security vulnerability report is published
  • Ensue regular security vulnerability remediation follow-ups are done to capture and report the progress of the remediation plans.
  • Publish regular monthly status reports on all security vulnerability items and the status of the remediation to stakeholders.
  • Collaborate with Group Operational risk team to share all security vulnerabilities that have potential for Group wide impact.
  • Participate as required in security programs and project to deliver local & regional objectives
  • Contribute to Information Security Audits and drive remediation of identified risks in line with management action plans
  • Ensure and enforce Information Security relevant controls and process across the Asian region
Qualifications :

Education

  • Bachelor’s degree in computer science, Engineering, or related field.
  • An MSc Information Security would be desirable but is not essential

Certification

  • In depth experience of Security domains, architectures and issues.
  • Information Security and/or Information Technology industry certification like CISSP, CISM, CISA, CEH, GCIH, GCIA, OSCP, etc.
  • Overall work experience in the field
  • Experience in Information Security field > 4 years
  • Experience in security architecture > 2 years
  • Experienced in developing information security remediation requirements for vulnerabilities
  • Experience in delivering messages to technical teams and CISO and business audiences
  • Sensible to the risks associated with identified security vulnerabilities and their required timing for remediation
  • Strong focus on delivery
  • Experienced with Security Information and Event Management (SIEM) tools like ArcSight, CyberArc, QRadar, Splunk, X-Ray, etc.
  • Familiar with IS 27001 and sub sequential ISO definitions and standards applicable to information security
  • Familiar with DLP and relevant data classification frameworks
  • Experienced in working with project and program teams
  • Knowledge and experience with administration of UNIX/LINUX operating systems
  • Knowledge of Microsoft Windows Server operating system
  • Programming and scripting skills

Skills / abilities

  • Cross cultural sensitivity, flexibility
  • Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
  • Good interpersonal and communication skills, works effectively as a team player
  • Ability to function effectively in a matrix structure
  • Good analytical skills
  • Good English communication skills (written and oral)
  • Ability to manage multiple tasks

AXA Group Operations Malaysia Sdn Bhd

About Recruiter

10

Followers

12

Active jobs

Functions : IT

Industries : Insurance, IT/Computers - Software

Skills/Roles I hire for: IT

level Hiring For: High Level

Similar Jobs

People Also Considered

Career Advice to Find Better