IT Security Operations

Job Purpose:

The Manager, Security Operations manages and executes the bank's daily IT security operational posture. This role ensures the continuous operation, compliance, and effective management of security controls and systems that safeguard Hong Leong Bank Berhad's critical IT infrastructure and data assets. The incumbent will lead a dedicated team to execute security operations tasks, drive tactical improvements, and ensure alignment with business and regulatory requirements.

Key Responsibilities:

The key responsibilities are focused on operational leadership, execution, and team supervision:

Security Operations Management:

o Manage the daily operations of all security appliances and equipment, including Firewalls, Web Application Firewalls (WAF), Endpoint Detection and Response (EDR) solutions (e.g., FireEye), Intrusion Prevention Systems (IPS), and Network Access Control (NAC) systems.

o Ensure optimal performance, availability, and configuration for all managed security components.

Compliance and Maintenance:

o Ensure adherence to internal policies, industry best practices, and regulatory guidelines, such as Bank Negara Malaysia's RMiT.

o Supervise and ensure the timely execution of patching, firmware upgrades, and vulnerability remediation across all security infrastructure.

Execution of Security Initiatives:

o Contribute to the execution of security technology refresh initiatives, ensuring systems remain secure and performant.

o Assist in the design and architecture of new security solutions and enhancements to existing controls.

Technology Evaluation:

o Support the evaluation and testing of new and emerging security technologies to enhance the bank's security posture.

Cross-Functional Collaboration:

o Collaborate closely with respective IT teams (e.g., Network, Database, Application, IT Risk) and business units to proactively identify and address security concerns.

Change Validation and Quality Assurance:

o Validate all security-related changes and configurations before deployment to production environments, ensuring minimal risk and adherence to change management policies.

Security Monitoring and Incident Response:

o Ensure that alerts generated from security components are promptly triaged, investigated, and acted upon, following established incident response procedures.

o Execute improvements to security monitoring and alerting capabilities.

Team Leadership and Development:

o Supervise, mentor, and develop a high-performing team of security operations professionals.

o Foster a culture of continuous learning and security awareness within the team. Reporting and Communication:

o Prepare and present regular performance reports and dashboards on security operations to senior management.

Service Improvement:

o Execute continuous service improvement initiatives, implementing automation and orchestration where feasible to streamline security processes

Qualifications & Experience:

Education: Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Certifications: Relevant professional certifications such as CISSP, CISM, GSEC, CCNP Security, Fortinet NSE 4+, Palo Alto PCNSE, or equivalent are highly desirable.

Experience:

o Minimum of 7-10 years of progressive experience in IT infrastructure and security roles.

o At least 3-5 years in a dedicated security operations supervisory or management capacity, preferably within the financial services industry.

o Proven hands-on experience and in-depth knowledge of managing and operating a wide range of security technologies (e.g., Firewalls, WAF, IPS/IDS, Endpoint Security, NAC, SIEM integration).

o Solid understanding of IT governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, BNM RMiT, PCI DSS).

o Experience contributing to the management of OPEX/CAPEX budgets

Skills & Attributes:

Leadership and Management: Strong leadership and people management skills, with the ability to motivate and supervise a team.

Problem-Solving: Strong analytical and problem-solving abilities, capable of dissecting complex security issues.

Communication: Excellent communication and presentation skills, with the ability to articulate technical concepts clearly to both technical and non-technical staff.

Work Ethic: Proactive, results-oriented, and able to thrive in a fast-paced environment

Job Type: Full-time

Pay: RM12, RM15,000.00 per month

Work Location: In person