Enable job alerts via email!
Audit Lead, Cyber Security
RHB Banking Group
Selangor
On-site
MYR 120,000 - 180,000
Full time
4 days ago
Be an early applicant
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Start fresh or import an existing resume
Job summary
A leading banking institution is seeking a Cybersecurity Audit Leader to manage audit assignments, ensure compliance with cybersecurity frameworks, and lead a team in identifying vulnerabilities and improving controls. The ideal candidate will possess strong leadership skills, significant experience in cybersecurity audits, and certifications like CISSP or CISM.
Qualifications
- 7-10 years in cybersecurity audit, 3-5 in leadership.
- Proficiency in banking cybersecurity frameworks and practices.
- CISSP, CISM, CISA preferred.
Responsibilities
- Manage and execute audits according to the approved plan.
- Provide insights and recommendations on vulnerabilities.
- Coach team members and ensure quality audit documentation.
Skills
Leadership
Analytical skills
Communication
Problem solving
Education
Bachelor’s Degree in Computer Science
Master’s Degree (preferred)
Tools
Firewalls
SIEM
Intrusion detection/prevention systems
Encryption
Job description
Objective
- Assist the Functional Area Head in the execution of the approved audit plan / other assignments and in coaching team members.
- Develop audit plans to assess the adequacy of cybersecurity controls designed to protect sensitive data and systems from internal and external threat, identify gaps and provide recommendations for improvements.
- Perform cybersecurity audits including audits of security programs, vulnerability assessments, network security, incident response, access management and third party risk management.
- Provide insights into areas of potential vulnerability and recommend corrective action.
- Keep up to date with industry trends, regulatory changes and emerging cybersecurity threats.
- Plan, execute and manage the risk-based audit assignments as per the Audit Plan to ensure the audit fulfil the approved audit objectives and audit scope and the standards as prescribed in the Audit Methodology.
- Monitor audit assignment to ensure completion of each audit within the budgeted timeline, manpower resources and cost allocation.
- Review the draft audit findings, root causes and recommendations for each audit assignment to ensure that they are appropriate for discussion with the line management.
- Attend the end-of-audit discussion with the auditees to confirm the draft audit findings, root causes and recommendations.
- Review the draft audit reports to ensure that all significant audit findings with their risk /impact identified and the underlying root causes are reported with appropriate audit recommendations in order to strengthen the existing internal controls.
- Monitor and follow-up with auditees timely on the implementation status of the audit recommendations with regard to audit finding raised, and follow-up on matters arising from deliberation of the audit reports at the MAC meeting.
- Conduct special review, ad-hoc assignment and investigation as directed by superior within the allocated time, resources and cost.
- Review new/ updated policies, procedures and processes to ensure appropriate internal controls are incorporated.
- Perform timely review of the Electronic Working Paper (EWP) of subordinates and ensure proper completion of audit documentation in the Audit Management System (AMS) for every audit assignment.
- Review the Audit Programs and ensure timely updated with the relevant guidelines and changes in processes as well as adequacy of scope and coverage.
- Motivate, coach and provide on-the-job training to subordinates and to enhance the quality of work and deliverables by the staff.
- Attend the Group’s project meeting where required and provide recommendations on key controls to be considered upfront by Management.
- Assist the FA Head in the preparation of the Annual Audit Plan including carrying out risk assessment exercise on all the audit universe.
- Perform any other duties as assigned by the superior.
- Bachelor’s Degree in Computer Science, Information Security, or a related field. A master’s degree is a plus.
- Preferred professional accreditation: CISSP (Certified Information System Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information System Auditor).
- Minimum 7-10 years of experience in cybersecurity audit or a mix of experiences in cybersecurity audit and CISO’s office with majority time spent in cybersecurity audit, with at least 3-5 years in a leadership or management role.
- Proven experience in cybersecurity audit role in financial services environment.
- In-depth knowledge of cybersecurity frameworks, risk management practices, and regulatory requirements specific to the banking industry.
- Strong leadership and team management capabilities.
- Advanced knowledge of cybersecurity tools, technologies, and methodologies (e.g. firewalls, intrusion detection/prevention systems, SIEM, encryption)
- Deep understanding of network architecture, encryption, access controls and identity management.
- Strong analytical, problem solving and decision making skills.
- Excellent communication and interpersonal skills, with the ability to convey technical information to non technical stakeholders.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
Follow us
