Head of Security Governance and Data Protection

An ideal candidate will oversee the organization's data protection strategies and compliance programs. Will be reporting to the CISO, this leadership role will focus on ensuring the protection of sensitive robust data loss prevention policies. The ideal candidate will have a strong domain knowledge in  governance frameworks, data protection laws, and compliance management.

Responsibilities:

• Will be responsible for building and leading team specialized in Security and Data Governance, as well as cryptography, and Authentication.
• Will lead the implementation of Data Loss Prevention (DLP) and data protection strategies.
• Ensure with internal and external audits, adherence to policies across all departments with the latest legal and regulatory standards are followed.
• Malaysian regulatory as well as industry standards such as PCI-DSS and Data Protection Acts.
• Lead initiatives in Identity and Access Management (IAM), focusing on process design, technology acquisition.
• Ensure that the organization follows established procedures for data protection internal and external audits, and remediation.
• Stay updated with industry trends and regulatory changes.

Requirements:

• Extensive experience in Cyber Security Frameworks, Authentication, Data Loss Prevention and Data Protection standards.
• Proven leadership in managing teams in governance and compliance functions, with an in-depth understanding of the regulatory landscape.
• Strong experience in compliance risk management and implementation of governance frameworks.
• Strong leadership skills, with the ability to manage cross-functional teams focused on compliance and data protection, excellent communication and stakeholder management skills
• 10+ years of proven experience in information security and/or risk and compliance roles within the banking or financial domain.
• Strong understanding of banking regulations, cyber security frameworks, and IT governance (e.g. NIST, COBIT, ISO 27001, FFIEC).
• Degree in Cybersecurity, Information Security, or related field.
• Certifications such as CISA, CISSP, CISM, or other governance and compliance- related certifications.