Senior Executive of Network Security Management

Job Summary

Responsible for implementing regulatory frameworks and related instruments. This role is crucial for enhancing the security, resiliency, and reliability of network infrastructure and services, including Critical Network Information Infrastructure. The incumbent will also operationalize strategic initiatives to safeguard the nation's digital assets, protect consumer interests, and align with the National Policy Objectives outlined in the Communications and Multimedia Act 1998 (CMA98).

Job Responsibilities

1) Strategic Policy and Regulatory Framework Development:

Operationalize regulatory frameworks on information and network security that include the technical capabilities, aligning with national policy objectives of the CMA98, Malaysia Cyber Security Strategy, and other relevant national policies and directives.

2) Standards Development:

Establish and update/review information and network security regulatory instruments, including standards, codes, guidelines, and best practices, to enhance industry resiliency and readiness in the areas of information and network security. Ensure that these instruments remain relevant to evolving technologies and threats.

3) Industry Compliance:

Implement initiatives to promote compliance among industry players, ensuring adherence to established policies, regulatory frameworks, standards, codes, guidelines, and security best practices. Strengthen the security posture of the Communications and Multimedia industry.

4) Security Inspections and Assessments:

Plan and operationalize the implementation of security inspections and assessments on the industry and Malaysia's Critical National Information Infrastructure (CNII) to maintain continuous security preparedness

5) Strategic Monitoring and Threat Detection:

Explore, identify, establish and review suitable sectoral threat intelligence tools to identify emerging risks and vulnerabilities.

6) Threat Management and Incident Response:

Plan and implement the issuance of industry and public advisories addressing new and arising threats to network security. Serve as the designated sector lead for the C&M sector under Malaysia's national security framework. Identify and Implement proactive measures for the early detection of security incidents. Conduct in-depth analysis of security incidents to understand their nature and impact.

7) Strategic Project Management:

Manage and implement strategic projects in the areas of information and network security, including related stakeholder management, to ensure smooth project delivery.

8) Cybercrime Collaborations:

Collaborate with local and international law enforcement agencies, service providers, vendors, and other relevant parties to address and mitigate cyber-dependent crimes, cyber-enabled crimes.

9) International/National Collaborations:

Participate in domestic and international fora, such as ASEAN, ITU, APECTEL, to promote cooperation, information exchange, standards development, and collective security.

10) Security Simulations and Drills:

Manage and participate in security simulations and drills (cyber-drill) with the involvement of C&M industry where applicable, to strengthen Malaysia's network security readiness.

11) Network Security Expert Services:

To offer network security expert services to internal and external stakeholders in security incidents management, ensuring the security and resiliency of networks and systems.

12) DSA 1997, PSA 2012 and STA 2010:

Collaborate with key stakeholders to enhance the security of industries governed by the Digital Signature Act 1997, Postal Services Act 2012, and Strategic Trade Act 2010, ensuring collective resiliency and security.

13) Technology Risks:

Track the evolution and emergence of new technologies and risks (such as Al & machine learning, quantum computing, etc.) to manage the associated security risks arising from these technologies.

14) Capacity Development:

Plan and organised capacity development programs to address gaps within the department and within the C&M industry in the area of information and network security.

15) Financial Management:

Monitor the financial budget and costs to ensure effective and efficient utilization and management of funds

16) Performance Management:

• Comply with established department procedures to ensure accountability and effective performance management.
• Be on standby during specified periods to promptly address any ad-hoc cybersecurity incidents or issues outside regular working hour.
• Prepare relevant reports as required.
• Maintain accurate and updated records and information of the department.

17) Coaching, Guidance, and Mentoring:

Provide coaching to subordinates within the department to fulfil their self-actualization

18) Any other related ad-hoc task assigned by the supervisor from time to time.

Qualification & Work Experience

• Minimum Bachelor's Degree in Computer Science or Information Technology or other related disciplines with a minimum CGPA of 3.00 from a reputable University/College
• Minimum of 5-8 years of working experience in regulatory and/or information and cyber security domains would be an added advantage.
• Good command of Bahasa Malaysia and English.
• Problem-solving skills and out-of-the-box thinking.
• Multi-task, work independently, and work under pressure with minimum supervision.

Technical Competencies

• Proficiency in IT security project management.
• Familiarity with IT security technologies and solutions.
• Ability to analyze and interpret security trends and patterns.
• Understanding of network security protocols and technologies.
• Competence in implementing and maintaining IT security infrastructure.
• Skill in translating technical discussions into business terms.
• Ability to quickly adapt to and learn new IT security technologies

Behavioral Competencies

• Clear communication and collaboration.
• Adaptability and resilience.
• Proactive risk anticipation.
• Meticulous implementation.
• Integrity and ethics.
• Continuous learning attitude