07 Oktober 2018 - Level 22, Menara Celcom, No. 82, Jalan Raja Muda Abdul Aziz, 50400 Kuala Lumpur
The Information Security Senior Solutions Architect is responsible for developing the wide specific Security Solution architecture and blueprint throughout Celcom. The solutions specialists will provide SME knowledge with respect to the functionality of the solutions, design principle, dependencies, limitations, etc. This role also plays a vital part in the planning and design of Celcom’s fundamental infrastructure and processes to ensure security risks related to technology adoption are addressed and managed appropriately.
- Advice the Head of Information Security Architecture and Technology in the development of Celcom’s Information Security Solution Architecture
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Provide complete and accurate Celcom Information Infrastructure security knowledge with emphasis on the technical integration capabilities and placement of specific Celcom Information Security products and/or technology with new and existing architecture, more specific products and solutions within the core Telecom space
- Provide an advice in relation to the convergence of networks and systems from a technical, product and process perspective
- Lead and execute complex Celcom Information security projects inclusive preparation of RFI/ RFQ and RFP, evaluations, vendor engagements and utilize project management skills to achieve the goals
- Provide Cross – Consultation with regards to product and non–product centric align with Celcom Information Infrastructure Security architecture design.
- Identify information protection goals and objectives within the scope of a strategic master plan. Contribute to the overall Celcom Information security strategy and master plans.
- Assessing the adequacy and coordinating the implementation of specific Celcom Information Security controls for new Celcom Information systems and services.
- Participate in the design, development, and implementation of appropriate Celcom Information Infrastructure security monitoring/ reporting, intrusion detection, incident response, and escalation mechanisms and procedures. To ensure that the business users/areas are provided with the required security tools, information, and support required to assess the effectiveness of their proactive measures in minimizing risks against internal and external threats
- Provide the technical leadership in the development and support of security measures required to protect the Celcom Information Infrastructure and data.
- Research industry standards and state – of – art technology developments to ensure security techniques and mechanisms in use remain current and are capable of supporting evolving business requirements.
- Bachelor degree holder (IT or related technical preferred) with Information Security knowledge
- iSO 27001 Implementer / Lead Auditor
- CISA / CISM/ CISSP (would be an advantage)
- Good understanding of Information security related standards and best practices (these include ISO 27001, NIST, PDPA, PCI-DSS, Cybercrime act, CSA, IETF,TIA, ETSI etc.)
- Good understanding of Cyber laws and Law enforcement requirements
- At least 7-10 years working experience in IT Security and or related fields.
- At least 7 years of Information Security Solutions
- Excellent communication skills – written and verbal – to deal with technical and non-technical users.
- Ability to communicate information security principles, policies, rationale and standards.
- Foster very strong technical skills with particular emphasis on Enterprise IT Security which includes but not limited to security attacks and prevention, protection concepts and technologies, and security governance.
- Close monitoring and maintenance of records to enable quick response to alerts, incidents, problems, and changes.
- Good judgment demonstrated in situations where balancing conflicting demands and taking pragmatic decisions is important
- Good understanding of security assessment methods, tools and best practices (baselines, standards & etc.)
- Understanding of Telecommunication Company Infrastructure and applications (Billing platforms, online and customer-facing platforms).
- Understanding of Information Security Principles
- Understanding of Information Security Risk Management processes
- Information Security standards and best practices (these include ISO 27001, NIST, PDPA, PCI-DSS, Cybercrime act, etc.)
As Malaysia’s leading mobile telecommunications provider, we look forward to growing together with you. We believe that our people are our greatest assets and we nurture and develop great talents like yours. Join our team to begin the journey to success with us today