- Petaling Petaling Selangor Malaysia
Working Location
Job Description
Responsibilities
We are seeking a highly experienced and strategic Head of Information Security to lead information security and cybersecurity agenda in line with Bank Negara Malaysia (BNM) regulatory requirements, including the Risk Management in Technology (RMiT) policy.
The incumbent will be responsible for establishing a robust security governance framework, safeguarding critical information assets, and ensuring compliance with regulatory expectations while enabling business growth and digital transformation. This role reports to Chief Risk Officer and works closely with the Board Risk Committee and Information Technology division.
Key ResponsibilitiesLead the development and implementation of enterprise-wide cybersecurity strategy, aligned with BNM RMiT and other regulatory requirements
Establish and maintain an effective information security governance framework, including policies, standards, and procedures
Drive cyber risk management practices, ensuring risks are identified, assessed, mitigated, and reported in accordance with BNM expectations
Ensure compliance with RMiT, PDPA, and other relevant regulatory and industry standards
Act as the primary point of contact with regulators (e.g., BNM) on cybersecurity and technology risk matters
Provide regular reporting and insights to the Board and Senior Management on cybersecurity posture, risks, and emerging threats
Lead cybersecurity incident management, including timely reporting to regulators as required under RMiT
Promote a strong cybersecurity awareness and culture across the organisation
Oversee third-party and outsourcing security risks in line with regulatory requirements
Build, lead, and develop a high-performing cybersecurity team
Ensure alignment with BNM RMiT policy document, including:
Technology risk governance and oversight
Cyber resilience and incident management
Third-party risk management
Data security and protection controls
Support the Board in fulfilling its oversight responsibilities on technology and cyber risk
Maintain clear segregation of duties and independence of the information security function
Bachelor’s degree in Information Security, Computer Science, IT, or related field
Minimum 8–12 years of experience in information security, with at least 3–5 years in a leadership role within financial services, insurance, or banking
Strong working knowledge of BNM regulations (RMiT) and Malaysian regulatory landscape
Proven experience in engaging with regulators and managing regulatory audits
Professional certifications such as CISSP, CISM, CISA, or CRISC
Strong understanding of cybersecurity frameworks
Demonstrated experience in incident response, cyber resilience, and risk management
Excellent leadership, stakeholder management, and communication skills, including Board-level engagement
Important Information
Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.