Senior Information Security Compliance Analyst

Kuala Lumpur

Media.Monks

We’re Monks – global content, data, media, and tech powerhouse. Our solution is simple and singular: Disrupting the industry, driven by digital.

View all jobs at Media.Monks

Position description:

This position is intended to be involved in the implementation and improvement of administrative and technical controls of the company's Information Security Management System. This person should understand the risk assessment process to detect new threats, contribute in the action plan development and promote the progress of control implementation and evolution. The position will cover compliance activities, third parties risk assessments, management of clients requirements, internal awareness and technical controls evaluation.

 

Key accountabilities:

  • Contribute with the implementation of the global ISMS (based on ISO27001) over the region.
  • Evaluate the compliance status of processes and technology implementations and plan actions to align to the security framework. 
  • Identify risk related to information security in the technical environment, the relationships with third parties or any component of the company's context.
  • Understand about technical and administrative controls in the different areas: networking, operations, access management, SSDLC, cloud security, end-point protection, physical security, third party risk assessment, organization security and legal compliance.
  • Act as a point of contact for third parties questions regarding information security.
  • Analyze clients requirements regarding information security and evaluate their accuracy. Follow up the actions needed to comply with those requirements.
  • Identify security threats and risks over processes, conducts, technology and context which may affect the information confidentiality, integrity or availability.. 
  • Assist in the definition and construction of security measures to lower the risks identified.
  • Solve low complex issues independently with minimum supervision and escalate more complex issues to accurate staff.
  • Contribute in the development of awareness material and the process of delivery and measurement.
  • Perform routine activities to ensure compliance with security frameworks and legislation.
  • Investigate on technologies that could improve the security baseline and the compliance (e.g. DLP, end-point protection, network security, security and vulnerabilities assessment).

 

Minimum Qualifications:

  • Bachelor's degree in Computer Science, Computer or Systems Engineering or equivalent.
  • Minimum of 5 years of experience in related positions.
  • Solid knowledge of security on networking, cloud, infrastructure configuration, end-point protection and SDLC.
  • Knowledge of the standards ISO 27001/2, SOC2, NIST-800.

 

Qualities:

  • Good communication and social skills.
  • Ability to confidently present findings to those with either a technical or non-technical background.
  • Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
  • Ability to self-organize and plan activities with commitment towards results.
  • Ready to learn new contents both from others or self-learned.
  • Looking forward to self-improvement and suggesting improvements to processes or activities.

 

Preferred Qualifications:

  • +2 year of experience in Security Risk Management, Information Security, Security controls or Security/IT Audit
  • Information Security Certification (e.g. CISSP, Comptia Sec, CISM, CRISC, etc)

#LI-CX1

About Media.Monks:

Media.Monks is the purely digital operating brand of S4Capital plc that connects 8,600+ digital natives across one global team. We are united by a mission to shift industries forward and pave the path towards ambitious outcomes so our clients and our people can realize their full potential for growth. Our unified model combines solutions in media, data, social, platforms, studio, experience, brand and technology services to help our clients continuously reinvent themselves throughout increasingly rapid cycles of disruption. Our efforts to shape culture, build innovative technologies and unlock the future of growth have earned recognition from numerous esteemed panels: we maintain a constant presence on Adweek’s Fastest Growing lists (2019-22), regular recognition at Cannes Lions, inclusion in AdExchanger’s Programmatic Power Players (2020-23), the title of Webby Production Company of the Year (2021-23), a record number of FWAs, and have earned a spot on Newsweek’s Top 100 Global Most Loved Workplaces 2023. Together, these achievements solidify our experience in digital innovation, excellence in craft, and commitment to personal growth.

While we continue to grow our teams, please be mindful of fraudulent job postings and recruiting activities that may use our company name and information. Please be mindful to protect your personal information, especially your national identification number, and bank account information during a recruiting process. While Media.Monks may reach out to potential candidates via LinkedIn, we will always ask applicants to apply through our website (https://media.monks.com/careers) and will never ask for payment or bank account information during the recruitment process.

Disclaimer: 
  • Responsible for resourcing and implementing security controls for your teams processes and systems
  • Responsible that all your personnel apply information security in accordance with the established information security policy

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  5  0  0

Tags: Audits CISM CISSP Cloud Compliance CompTIA Computer Science CRISC ISMS ISO 27001 Network security NIST Risk assessment Risk management SDLC SOC 2 Vulnerabilities

Perks/benefits: Career development

Region: Asia/Pacific
Country: Malaysia

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.