
FVP, Information Security Governance and Risk Assessment

Posting Date:  07-Nov-2021

Kuala Lumpur, Wilayah Persekutuan, MY

Company:  United Overseas Bank (Malaysia) Bhd

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.

Our history spans more than 80 years. Over this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.


Job Responsibilities



  • Manage and enhance the security governance framework (policies, standards, procedures, and guidelines)
  • Work with the Senior Management to develop plans for Security and Technology risk management and identify gaps and possible improvements to enhance the effectiveness and efficiency of the security governance framework
  • Manage follow-ups in case of violations of security policies
  • Lead and manage the design of overall security dashboard and integration of security KPIs into dashboards
  • Identify and drive key strategic initiatives to transform the way we work, enhancing security processes and compliance with policies, and driving increased maturity and effectiveness of security across the whole organization.
  • Design and roll out an education program for security awareness across the organization, including tracking of overall effectiveness and targeted training follow-ups to enhance learning success
  • Manage the pro-active engagement and communication with the regulator on security questions, including gap analysis and tracking and managing all identified issues to closure.
  • Develop and maintain security capability reference model and promote the use of standard controls and design patterns
  • Conduct review and drive security architecture and secure design


Risk Assessment

  • Manage cyber and tech risk management from a company-wide end-to-end perspective, including management and assessment of security and tech risk controls
  • Manage and conduct IT security risk assessment for applications and IT infrastructure projects, against organization IT security policy & standards, and regulatory requirements.
  • Ascertain that appropriate security control measures are incorporated into the application systems to mitigate identified risk exposures.
  • Manage and conduct IT security risk review on proposed conceptual solutions based on business initiatives or new technology adoption
  • Manage and conduct ad-hoc and annual Information Security due diligence assessments for key outsourcing service providers.
  • Manage and ensure all assessments conducted are properly documented, with endorsement from the organization security working committee.


Job Requirements

  • A Bachelor’s Degree in Computer Science, Engineering, Information Systems or related discipline.
  • Minimum 15 years of working experience with at least 5 years’ experience in hands-on security governance, technical security risk assessment and IS due diligence assessment, in the financial industry
  • Broad understanding of the key aspects of IT which includes strategic planning, application implementation & support, IT Infrastructure, Vendor & Contract Management, Cyber Security, IT audit, IT governance, Risk management and business continuity planning.
  • Familiar with security standards and best practices, and regulatory requirements such as BNM RMiT, MAS TRM, PCI-DSS, etc.
  • Industry certifications will be a plus e.g. ITIL, PMP, CRISC, CISSP, CEH, CISM and CISA.
  • Highly results-oriented and can work independently while handling multiple concurrent assignments.
  • Ability to build relationships and interact effectively with internal and external parties.
  • Strong engagement skills with stakeholders i.e. business and technology will be a plus.
  • Strong analytical and critical thinking skills, able to conceptualize and frame problem statements and prioritise issues to enable a clear and effective path to resolution
  • Good communication, writing and presentation skills.
  • Ability to lead change, and to adapt quickly to changing priorities
  • Ability to exercise discretion and independent judgment in applying established techniques, procedures or standards.


Be a part of UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate's age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now with CVs and make a difference.

