Information Security Officer

The Information Security Officer (ISO) Malaysia is a key role within the Allianz Technologys global IS organization. The ISO is accountable for the information security of the environment supporting the Allianz businesses in Malaysia, including oversight of related ISMS activities, risk identification, assessment, prevention, and remediation. The ISO (Malaysia) provides advice to regional management as well as to the local Allianz Technology Malaysia Functions with respect to Information Security risk areas, included services provided by 3rd parties. In his/her function, the ISO will be instrumental in building up and integrating IS assurance capabilities and have a direct functional reporting line to the Allianz Technology Malaysia Heat of IT as well as the APAC Regional ISO.

Key Responsibilities

• Oversee the Information Security function in Malaysia and liaise with regional and central Information Security Teams.
• Oversee the implementation of and compliance with Group-wide standards, regulatory requirements and industry security standards in all Allianz Technology services and in projects.
• Lead local Information Security Steering Boards and support preparation of Information Security action plans.
• Support regional and local executive body in their regulatory Information Security-related governance requirements and their responsibility to set up sound organizational and operational structures and procedures.
• Support the implementation of Group-wide IS framework, regulatory requirements and industry security standards in all Allianz Technology services and in projects; oversee the compliance reporting process for local entities; assess and address deviations from security policies and contractual security provisions, as well as developing effective strategies to mitigate identified information security risks.
• Serve as central contact person for information security-related matters in Malaysia, including interfaces to business, partners, customers and other safeguarding functions.
• Provide information security consulting and liaison with all relevant stakeholders.
• Ensure the effective implementation of Information Security principles and procedures during the full-service life cycle of services offered by Allianz Technology, including those provided by external parties and outsourcing partners.
• Systematically assess the effectiveness of security controls in all services provided by Allianz Technology, its partners and third-party providers.
• Security Risk Management, including supporting the life cycle of security risk assessments, assessing and addressing deviations from security policies and contractual security provisions, as well as developing effective strategies to mitigate identified information security risks.
• Regularly exchange with and contribute to the regional and global Allianz Technology ISO community.
• Promote knowledge and awareness of Allianz Technology security requirements and processes.
• Contribute to defining contractual security provisions in the context of third-party management.
• Support the annual compliance reporting process for the local entity.
• Support local management in their regulatory Information Security-related governance requirements.

Key Requirements/Skills/Experience

• University degree in computer science, natural sciences etc. or equivalent professional experience.
• Long track record of experience in IT, 5 years+ experience in Information Security related fields and/and or risk management.
• Sound knowledge of IT security technology, architecture and processes and profound knowledge of information security management systems and relevant industry standards and control frameworks (in particular ISO270xx, COBIT2019); local regulatory standards
• Professional experience with supplier management (including Cloud providers), IT outsourcing and relevant control frameworks; track record in defining and monitoring contractual information security provisions.
• Proven track record in people management and/or project management in complex enterprise environments.
• Ability to cope with high workload, and being able to exercise good levels of independence, judgment and initiative.
• Proficient in English language, excellent international communication skills including the ability to prepare professional documentation for various audiences and senior management.
• Desirable certifications: CISM/ CISSP; ISO27001 Lead Implementer/Auditor

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us. We at Allianz believe in a diverse and inclusive workforce and are proud to be an equal opportunity employer. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation. Great to have you on board. Lets care for tomorrow.

Information :

• Company : Allianz
• Position : Information Security Officer
• Location : Kuala Lumpur
• Country : MY