Ciso, Cc and Dcda

**Job**: Technology

**Primary Location**: Asia-Malaysia-Bukit Jalil KL

**Schedule**: Full-time

**Employee Status**: Permanent

**Posting Date**: 31/Mar/2024, 10:57:29 PM

**Unposting Date**: Ongoing

**Role Responsibilities**

**Strategy**
- Accountable for the Client Coverage (CC) and Digital Channels and Data Analytics (DCDA) Information and Cyber Security Strategy
- Responsible to socialize the strategy within the CC and DCDA platform and liaise with the CC and DCDA CIO and COO Teams
- Supporting the business achieving its outcome considering ICS journey
- Determining in collaboration with the Head of ICS Risk and Threats key ICS threats and risks to CC and DCDA businesses and their mitigation plans
- Track and align ICS adoption and execution to the ICS risk reduction initiatives with key enterprise programmes (Obsolescence remediation, Cloud Adoption etc.)
- Provide deep consulting expertise on complex projects, delivering workable and risk/threat-driven solutions
- Provide thought leadership on emerging technologies and how they can be secured

**Business**
- CISO, CCIB, Core Technology and Functions delegate within the CC and DCDA businesses
- Be the focal point for ICS across CC and DCDA businesses. Drive to a strong engagement both with businesses CIOs and COOs
- Identify and manage ICS risk within the CC and DCDA businesses and represent ICS risk to CCIB Risk Committee, key in scope regulators and industry bodies
- Establish communication channels and information flows with Business, Regional and Country MTs, various first and second-line teams mobilised to deliver ICS risk reduction for CC and DCDA
- Educate Senior executives regarding ICS Risks to drive accountability across the business
- Address GIA queries for CC and DCDA related to ICS and address GIA RFIs for CC and DCDA ICS strategy, standards, controls and ICS tools

**Processes**
- Proven ability to lead highly complex, global, pan-bank, multi-year programmes by driving collaboration and participation by functions, Regions and countries.

**People & Talent**
- Excellent organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise, including strong collaboration with peers

**Risk Management**
- Responsible for monitoring and managing ICS Incidents for CC and DCDA
- Responsible to represent CISO, CCIB, Core Technology and Functions in the CC and DCDA Governance Forums and Risk Committees
- Responsible to remediate Audit/Regulator ICS Issues for CC and DCDA
- Responsible for the CC and DCDA ICS Risk Profiles, working in collaboration to the CCIB, Core Technology and Functions Head of ICS Risk and Threat in executing the TSRA framework
- Support the management of the programme professionally and efficiently, closely tracking timeline commitments for provision of information and action plans, and for validation of actions taken
- Drive the adoption of “lessons learnt” driving consistency and efficiency.

**Governance**
- Ensure key ICS risk and issues are monitored and appropriately addressed by key stakeholders
- Ensure adoption of the ICS controls across CC and DCDA
- Ensure ICS Controls are being adopted in new technologies and projects

**Regulatory & Business Conduct**
- Display exemplary conduct and live by the Group's Values, Valued Behaviours, and Code of Conduct
- Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across the Bank.
- Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

**Key stakeholders**
- Global CISO and ICS MT
- CISO, CCIB, Core Technology and Functions
- CC and DCDA Tech MT
- CC and DCDA COOs
- CC and DCDA Business owners
- ICS Control owners
- Global Head, Business Risk Management, CCIB COO
- Education - Bachelor’s degree (Economics, Management, IT, added advantage)
- Training - At least 5 years’ experience in banking industry - Advantage
- Experience in IT and ICS operations execution and management - MUST
- Experience in securing Cloud Infrastructure and Network Security - MUST
- Experience securing Software/Code - MUST
- Experience in ICS Risk Framework within banking industry - MUST
- Experience managing global Transformational Programs - MUST
- Certifications - CISSP, Risk and Information Systems Control Certificates - Advantage
- Languages - English

**Role Specific Competencies**
- Understanding of the Cyber landscape and ICS Controls within the CCIB environment
- Excellent organisation and leadership skills with ability to manage multiple deadlines and effectively prioritise
- Proven ability to lead highly complex, global, pan-bank, multi-year programmes by driving collaboration and participation by functions, Regions and countries.
- Extensive change and programme management experience, ideally gained in the financial industry
- Ability to foster positive relationships with internal and external stakeholders at appropriate