Technical Program Manager, Compliance - 349838
Kuala Lumpur, Kuala Lumpur
Created Wed, 5 Jan 2022
The job
The Technical Program Compliance team ensures the organization Solutions are always in compliance with the necessary security and compliance programs. We create, improve, and maintain security and compliance policies and processes, ensure such governing artefacts are communicated, and adhere to without compromise.
You will be directly lead and contribute to the continued building and managing of security and compliance artefacts. You will facilitate the planned security and compliance programs working closely with Product, Engineering and Infrastructure teams and be the liaison to the engaged lab assessor. You will establish the program plan, ensure transparency on the program status, risk and reporting to the relevant stakeholders.
Responsibilities
- Manage Security Audits, Compliance certification and/or attestation.
- Create and maintain security artefacts, including but not limited to information security policies, cybersecurity strategy, identity and access policies, and cyber incidents response process.
- Review investigations on breaches or cybersecurity incidents, including impact analysis and recommendations to avoid similar vulnerabilities.
- Ensure compliance in accordance with the changing of laws and applicable regulations.
- Make sure prompt training, updates, communications to all personnel to ensure compliance is enforced.
- Maintain up-to-date understanding of current Information Technology threats and translate that knowledge to the identification of risks and actionable plans.
Qualifications:
- Bachelor’s degree in Computer Science or equivalent experience.
- 5 years of experience managing security and compliance programs.
- Experience in information security, compliance and/or risk management.
- Experience with infrastructure systems, security assessments and security processes.
Preferred qualifications:
- Experience in information security, compliance, and/or risk management for payment and/or financial industry.
- Experience with security assessment for Payment Card Industry (PCI) programs including but not limited to PCI DSS and PCI PIN.
- Effective and fluent communication skill in relation to compliance.