Closing Date : 01/11/2024

Section Head, IT Policy & Compliance   (Vacancy Closed)

** For registered candidates, please login to apply

Life at U Mobile

We are Passionate, Innovative, Trustworthy, Team-Oriented & Fun-Loving.

At U Mobile, we are always on the lookout for great talents and passionate individuals to join our growing team.
Let’s start your journey with an award-winning organization!

#UnbeatableCareerAwaits

Top Reasons To Join Us!
•  Awarded For
    o Most Preferred Employers in Telecommunication Industry (2022, 2023 & 2024)
    o Bronze Winner in Cross-Generational Workforce Engagement (2024)
    o Gold Winner for Excellence in Workplace Culture (2021)
•  Comprehensive medical, dental, optical and insurance benefits
•  Flexi working hours arrangements
•  Staff Line & Device Subsidy
•  Smart Casual Attire
•  Child Parental Care Leave
•  Convenient location with access to public transport (Imbi Monorail/Bukit Bintang MRT)
•  Special employee discounts for selected F&B Brands

Job Summary
Oversees IT Security governance, risk and compliance for UM Group. Ensure the organization has a strong security mindset and culture, follows and complies to required regulations, standards and leading practices. Collaborating across the divisions to educate, improve IT Security risk controls and enhancing policies for Information Systems, where needed.

Job Responsibilities :

  • Develop, implement and improve long-term cybersecurity governance programs aligned with company objectives, including dashboard for reporting metrics.
  • Lead IT cyber risk initiatives, ensuring all departments understand and address key risks.
  • Oversee IT Security compliance with regulations, develop policies, and conduct security assessments to ensure ongoing alignment.
  • Create and update cybersecurity policies to adapt to emerging threats and technologies.
  • Lead training and workshops to build a strong IT security culture across the organization.
  • Provide accurate and timely reports on the organization's IT security posture and improvements.
  • Manage Security risks related to third-party vendors, ensuring they adhere to IT security policies.
  • Stay updated on regulatory requirements and ensure the organization meets IT compliance standards.
  • Regularly assess and improve security monitoring, adapting to new threats and technologies.
  • Work with various departments to integrate cybersecurity measures into business processes, aligning them with overall goals.
  • Sets goals to enhance UM's IT security posture and maturity.
  • Identifies and manages cyber security and information risks related to governance, compliance, and cybersecurity.
  • Develops and implements IT policies and security procedures in these areas.
  • Ensure compliance to ISMS/ISO 27001, PCI DSS, regulatory requirements, etc.
  • Leads IT Security Awareness training programs for the organization.

About You

  • Degree in Computer Science, IT, Cybersecurity, Telecommunications, or a related field.
  • Minimum 6-8 years of experience in Security Governance, Compliance, and the Telecommunications industry.
  • ISMS and PCI DSS Lead Auditor certifications preferred.
  • Experience in the Telecommunications sector.
  • Effective communication of compliance policies and updates.
  • Strong risk assessment and compliance management abilities.
  • Expertise in policy development, enforcement, and security awareness training.
  • Proficient in security reporting and fostering a strong security culture.
  • Skilled in third-party risk management and problem-solving.
  • Knowledge of the latest regulations and laws in Information Security.
  • Strong presentation, leadership, and people management skills.
  • Analytical thinking and attention to detail.
  • Collaboration with cross-functional teams, including legal, finance, and IT.

What’s Next ?
Once you have applied online, our team will review your application and due to a high volume of applications, only shortlisted candidates will be notified.